30 matches found
EUVD-2016-6722
Malware in sbrugna...
EUVD-2006-1385
Malware in sbrugna...
EUVD-2008-0867
Malware in sbrugna...
EUVD-2006-1384
Malware in sbrugna...
ShadowSpray - A Tool To Spray Shadow Credentials Across An Entire Domain In Hopes Of Abusing Long Forgotten GenericWrite/GenericAll DACLs Over Other Objects In The Domain
A tool to spray Shadow Credentials across an entire domain in hopes of abusing long forgotten GenericWrite/GenericAll DACLs over other objects in the domain. Why this tool In a lot of engagements I see in BloodHound that the group "Everyone" / "Authenticated Users" / "Domain Users" or some other...
Get-RBCD-Threaded - Tool To Discover Resource-Based Constrained Delegation Attack Paths In Active Directory Environments
Tool to discover Resource-Based Constrained Delegation attack paths in Active Directory Environments Based almost entirely on wonderful blog posts "Wagging the Dog: Abusing Resource-Based Constrained Delegation to Attack Active Directory" by Elad Shamir and "A Case Study in Wagging the Dog:...
North Korean Hackers Spotted Using New Multi-Platform Malware Framework
Lazarus Group, the notorious hacking group with ties to the North Korean regime, has unleashed a new multi-platform malware framework with an aim to infiltrate corporate entities around the world, steal customer databases, and distribute ransomware. Capable of targeting Windows, Linux, and macOS...
Lazarus Group Hides macOS Spyware in 2FA Application
The North Korea-linked cyberthreat group known as Lazarus Group has added a new variant of the Dacls remote-access trojan RAT to its arsenal of spy gear, designed specifically for the Mac operating system. Dacls was first discovered last December targeting Windows and Linux platforms. The new...
Microsoft Windows ALPC Task Scheduler Local Privilege Elevation Exploit
On vulnerable versions of Windows the alpc endpoint method SchRpcSetSecurity implemented by the task scheduler service can be used to write arbitrary DACLs to .job files located in c:\windows\tasks because the scheduler does not use impersonation when checking this location. Since users can creat...
Microsoft Windows 7 Kernel - Uninitialized Memory in the Default dacl Descriptor of System Processes Token
/ Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=1145 We have observed on Windows 7 32-bit that for unclear reasons, the kernel-mode structure containing the default DACL of system processes' tokens lsass.exe, services.exe, ... has 8 uninitialized bytes at the end, as the size ...
AD ACL Scanner
AD ACL Scanner AD ACL Scanner is a tool completly written in PowerShell with GUI used to create reports of access control lists DACLs and system access control lists SACLs in Active Directory . New Features Faster compare of Access Control Lists using USN from replication metadata. Primary...
CVE-2016-5787
General Electric GE Digital Proficy HMI/SCADA - CIMPLICITY before 8.2 SIM 27 mishandles service DACLs, which allows local users to modify a service configuration via unspecified vectors...
Design/Logic Flaw
General Electric GE Digital Proficy HMI/SCADA - CIMPLICITY before 8.2 SIM 27 mishandles service DACLs, which allows local users to modify a service configuration via unspecified vectors...
CVE-2016-5787
General Electric GE Digital Proficy HMI/SCADA - CIMPLICITY before 8.2 SIM 27 mishandles service DACLs, which allows local users to modify a service configuration via unspecified vectors...
CVE-2016-5787
CVE-2016-5787 affects GE Digital Proficy HMI/SCADA CIMPLICITY, prior to version 8.2 SIM 27. The root cause is improper handling of service DACLs, allowing a local user to modify the CIMPLICITY service configuration via unspecified vectors, enabling privilege elevation by tampering with the servic...
Design/Logic Flaw
Unspecified vulnerability in the AVG plugin in Kerio MailServer before 6.5.0 has unspecified impact via unknown remote attack vectors related to null DACLs...
CVE-2008-0860
Unspecified vulnerability in the AVG plugin in Kerio MailServer before 6.5.0 has unspecified impact via unknown remote attack vectors related to null DACLs...
CVE-2007-1442
Oracle Database 10g uses a NULL pDacl parameter when calling the SetSecurityDescriptorDacl function to create discretionary access control lists DACLs, which allows local users to gain privileges...
Microsoft Security Bulletin MS06-011 Permissive Windows Services DACLs Could Allow Elevation of Privilege (914798)
Microsoft Security Bulletin MS06-011 Permissive Windows Services DACLs Could Allow Elevation of Privilege 914798 Published: March 14, 2006 | Updated: March 17, 2006 Version: 1.0 Summary Who should read this document: Customers who use Microsoft Windows Impact of Vulnerability: Elevation of...
CVE-2006-1381
Trend Micro OfficeScan 5.5, and probably other versions before 6.5, uses insecure DACLs for critical files, which allows local users to gain SYSTEM privileges by modifying tmlisten.exe...