Microsoft Windows Image File Execution Options (IFEO) Persistence

This PHP script leverages legitimate Windows debugging features to establish persistent remote access. This technique leverages the Image File Execution Options IFEO registry keys to configure a monitor process that automatically executes when a specified target process exits. Windows allows...

Microsoft Windows Silent Process Exit Persistence

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core/post/file' require 'msf/core/exploit/exe' class MetasploitModule 'Windows Silent Process Exit Persistence', 'Description' = %q Windows allows you to se...

Windows Silent Process Exit Persistence

Windows allows you to set up a debug process when a process exits. This module uploads a payload and declares that it is the debug process to launch when a specified process exits. This module requires Metasploit: https://metasploit.com/download Current source:...

TrendMicro OfficeScan 11.0 / XG (12.0) XG Image File Execution Bypass

Credits: John Page aka hyp3rlinx + Website: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/TRENDMICRO-OFFICESCAN-XG-IMAGE-FILE-EXECUTION-BYPASS.txt + ISR: ApparitionSec Vendor: ================== www.trendmicro.com Product: ======== OfficeScan v11.0 and XG 12.0...

Trend Micro OfficeScan 11.0/XG (12.0) - Image File Execution Bypass Vulnerability

Exploit for windows platform in category local exploits + Credits: John Page aka hyp3rlinx + Website: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/TRENDMICRO-OFFICESCAN-XG-IMAGE-FILE-EXECUTION-BYPASS.txt + ISR: ApparitionSec Vendor: ==================...

Trend Micro OfficeScan 11.0XG (12.0) - Image File Execution Bypass

Trend Micro OfficeScan 11.0XG 12.0 - Image File Execution Bypass + Credits: John Page aka hyp3rlinx + Website: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/TRENDMICRO-OFFICESCAN-XG-IMAGE-FILE-EXECUTION-BYPASS.txt + ISR: ApparitionSec Vendor: ==================...

Trend Micro OfficeScan 11.0/XG (12.0) - Image File Execution Bypass

Credits: John Page aka hyp3rlinx + Website: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/TRENDMICRO-OFFICESCAN-XG-IMAGE-FILE-EXECUTION-BYPASS.txt + ISR: ApparitionSec Vendor: ================== www.trendmicro.com Product: ======== OfficeScan v11.0 and XG 12.0...

Bitdefender Total Security DLL Loading Local Code Injection Vulnerability

Bitdefender Total Security is prone to local code injection vulnerability. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...