15 matches found
EUVD-2020-10099
Malware in sbrugna...
Exploit for Improper Restriction of Operations within the Bounds of a Memory Buffer in Microsoft
CVE-2024-30090 - LPE PoC CVE-2024-30090https://msrc.mic...
MultiDump - Post-Exploitation Tool For Dumping And Extracting LSASS Memory Discreetly
MultiDump is a post-exploitation tool written in C for dumping and extracting LSASS memory discreetly, without triggering Defender alerts, with a handler written in Python. Blog post: https://xre0us.io/posts/multidump MultiDump supports LSASS dump via ProcDump.exe or comsvc.dll, it offers two...
Nosferatu - Lsass NTLM Authentication Backdoor
Lsass NTLM Authentication Backdoor How it Works First, the DLL is injected into the lsass.exe process, and will begin hooking authentication WinAPI calls. The targeted function is MsvpPasswordValidate, located in NtlmShared.dll. In the pursuit of not being detected, the hooked function will call...
OffensiveRust
This is a collection of Rust code snippets, each implementing a different type of exploit or malicious functionality. The code is organized into several subdirectories, each containing a specific exploit or tool. Here's a summary of the code and its functionality: 1. AllocateWithSyscalls: This co...
CVE-2020-18172
A code injection vulnerability in the SeDebugPrivilege component of Trezor Bridge 2.0.27 allows attackers to escalate privileges...
CVE-2020-18172
CVE-2020-18172: A code-injection flaw in the SeDebugPrivilege component of Trezor Bridge 2.0.27 enables privilege escalation. Documented in multiple feeds (NVD, Red Hat, etc.) with CVSS v3.1 score 9.8 (NETWORK, LOW attack complexity, PR:N, UI:N, C/H/I/A:H). Affected product: Trezor Bridge 2.0.27....
Trezor Bridge 代码注入漏洞
Trezor Bridge is an application that facilitates communication between Trezor devices and supported browsers. Trezor Bridge suffers from a code injection vulnerability that stems from a code injection vulnerability in the SeDebugPrivilege component of Trezor Bridge 2.0.27 that allows an attacker ...
CobaltStrikeScan - Scan Files Or Process Memory For CobaltStrike Beacons And Parse Their Configuration
Scan files or process memory for Cobalt Strike beacons and parse their configuration. CobaltStrikeScan scans Windows process memory for evidence of DLL injection classic or reflective injection and performs a YARA scan on the target process' memory for Cobalt Strike v3 and v4 beacon signatures...
Lsassy - Extract Credentials From Lsass Remotely
Python library to remotely extract credentials. This blog post explains how it works. You can check the wiki This library uses impacket project to remotely read necessary bytes in lsass dump and pypykatz to extract credentials. Requirements Python = 3.6 pypykatz = 0.3.0 impacket Installation From...
Microsoft Windows 7 Kernel - Uninitialized Memory in the Default dacl Descriptor of System Processes Token
Microsoft Windows 7 Kernel - Uninitialized Memory in the Default dacl Descriptor of System Processes Token / Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=1145 We have observed on Windows 7 32-bit that for unclear reasons, the kernel-mode structure containing the default DACL ...
Win10Pcap - Local Privilege Escalation Vulnerability
Exploit for windows platform in category local exploits Source: https://github.com/Rootkitsmm/Win10Pcap-Exploit / Win10Pcap kernel-mode driver did not check the virtual addresses which are passed from the user-mode , IOCTL Using Neither Buffered Nor Direct I/O without ProbeForWrite to validating...
Win10Pcap - Local Privilege Escalation Vulnerability
Win10Pcap - Local Privilege Escalation Vulnerability. Local exploit for windows platform Source: https://github.com/Rootkitsmm/Win10Pcap-Exploit / Win10Pcap kernel-mode driver did not check the virtual addresses which are passed from the user-mode , IOCTL Using Neither Buffered Nor Direct I/O...
CVE-2004-2339
Microsoft Windows 2000, XP, and possibly 2003 allows local users with the SeDebugPrivilege privilege to execute arbitrary code as kernel and read or write kernel memory via the NtSystemDebugControl function, which does not verify its pointer arguments. Note: this issue has been disputed, since...
CVE-2004-2339
CVE-2004-2339 affects Microsoft Windows 2000, XP, and possibly 2003. The vulnerability allows local users with SeDebugPrivilege to execute arbitrary code at kernel level and read/write kernel memory via NtSystemDebugControl, with argument pointer verification not performed. The issue is local and...