132 matches found
The Windows Registry Adventure #6: Kernel-mode objects
Posted by Mateusz Jurczyk, Google Project Zero. Welcome back to the Windows Registry Adventure! In the previous installment of the series, we took a deep look into the internals of the regf hive format. Understanding this foundational aspect of the registry is crucial, as it illuminates the design...
Microsoft WinDbg Remote Code Execution (March 2025)
The Microsoft WinDbg app installed on the remote host is affected by a remote code execution vulnerability: - Improper verification of cryptographic signature in .NET allows an authorized attacker to execute code over a network. CVE-2025-24043 Note that Nessus has not tested for this issue but ha...
CVE-2025-24043 WinDbg Remote Code Execution Vulnerability
...
WinDbg Remote Code Execution Vulnerability
Improper verification of cryptographic signature in .NET allows an authorized attacker to execute code over a network...
Microsoft Security Advisory CVE-2025-24043 | WinDbg Remote Code Execution Vulnerability
Microsoft Security Advisory CVE-2025-24043 | WinDbg Remote Code Execution Vulnerability Executive summary Microsoft is releasing this security advisory to provide information about a vulnerability in WinDbg. This advisory also provides guidance on what developers can do to update their applicatio...
GHSA-HPW7-8QPC-34P3 Microsoft Security Advisory CVE-2025-24043 | WinDbg Remote Code Execution Vulnerability
Microsoft Security Advisory CVE-2025-24043 | WinDbg Remote Code Execution Vulnerability Executive summary Microsoft is releasing this security advisory to provide information about a vulnerability in WinDbg. This advisory also provides guidance on what developers can do to update their applicatio...
PT-2025-10133 · Microsoft · Dotnet-Debugger-Extensions +3
Name of the Vulnerable Software and Affected Versions: WinDbg versions prior to 9.0.607501; dotnet-sos versions prior to 9.0.607501; dotnet-dump versions prior to 9.0.607501; dotnet-debugger-extensions versions prior to 9.0.607601. Description: The issue arises from improper verification of...
GHSA-99JG-R3F4-RPXJ memory overflow vulnerability in OpenEXR-viewer
Just open this exr file through openexr-viewer. PoC sent by email. This is the WinDbg log file. POC 2 (8660.7e44): Access violation - code c0000005 (!!! second chance !!!) openexrviewer+0x27be4: 00007ff713ff7be4 c744880c0000803f mov dword ptr [rax+rcx*4+0Ch],3F800000h ds:0000020a3ac8000c=???????? Attempt to...
Qualys Research Team: Threat Thursdays, October 2022
Welcome to the third edition of the Qualys Research Team’s “Threat Research Thursday”, where we collect and curate notable new tools, techniques, procedures, threat intelligence, cybersecurity news, malware attacks, and more. Feedback on our second edition, Qualys Threat Research Thursday, is mor...
Lupo - Malware IOC Extractor. Debugging Module For Malware Analysis Automation
Debugging module for Malware Analysis Automation For a step by step post on how to use Lupo, with images and instructions, please see this post: https://medium.com/@vishalthakur/lupo-malware-ioc-extractor-cc86ae76b85d Introduction Working on security incidents that involve malware, we come across...
Voltron - A Hacky Debugger UI For Hackers
Voltron is an extensible debugger UI toolkit written in Python. It aims to improve the user experience of various debuggers (LLDB, GDB, VDB and WinDbg) by enabling the attachment of utility views that can retrieve and display data from the debugger host. By running these views in other TTYs, you ca...
Shellex - C-shellcode To Hex Converter, Handy Tool For Paste And Execute Shellcodes In Gdb, Windbg, Radare2, Ollydbg, X64Dbg, Immunity Debugger And 010 Editor
C-shellcode to hex converter. Handy tool for paste & execute shellcodes in gdb, windbg, radare2, ollydbg, x64dbg, immunity debugger & 010 editor. Are you having problems converting C-shellcodes to HEX (maybe c-comments+ASCII mixed?) Here is shellex. If the shellcode can be compiled in a C compiler...
WOW64!Hooks: WOW64 Subsystem Internals and Hooking Techniques
Microsoft is known for their backwards compatibility. When they rolled out the 64-bit variant of Windows years ago they needed to provide compatibility with existing 32-bit applications. In order to provide seamless execution regardless of application bitness, the WoW (Windows on Windows) system wa...
AIDA64 Engineer 6.20.5300 - (Report File) filename Buffer Overflow (SEH) Exploit
Exploit Title: AIDA64 Engineer 6.20.5300 - 'Report File' filename Buffer Overflow SEH Exploit Author: Hodorsec Version: v6.20.5300 Software Link: http://download.aida64.com/aida64engineer620.exe Vendor Homepage: https://www.aida64.com/products/aida64-engineer Tested on: Win7 x86 SP1 - Build 7601...
AIDA64 Engineer 6.20.5300 - 'Report File' filename Buffer Overflow (SEH)
Exploit Title: AIDA64 Engineer 6.20.5300 - 'Report File' filename Buffer Overflow SEH Date: 2020-04-02 Exploit Author: Hodorsec Version: v6.20.5300 Software Link: http://download.aida64.com/aida64engineer620.exe Vendor Homepage: https://www.aida64.com/products/aida64-engineer Tested on: Win7 x86...
10Strike LANState 9.32 - (Force Check) Buffer Overflow (SEH) Exploit
Exploit Title: 10Strike LANState 9.32 - 'Force Check' Buffer Overflow SEH Exploit Author: Hodorsec Version: v9.32 x86 Software Link: https://www.10-strike.com/lanstate/lanstate-setup.exe Vendor Homepage: https://www.freecommander.com Tested on: Win7 x86 SP1 - Build 7601 Description: - Exploits th...
10Strike LANState 9.32 - 'Force Check' Buffer Overflow (SEH)
Exploit Title: 10Strike LANState 9.32 - 'Force Check' Buffer Overflow SEH Date: 2020-04-01 Exploit Author: Hodorsec Version: v9.32 x86 Software Link: https://www.10-strike.com/lanstate/lanstate-setup.exe Vendor Homepage: https://www.freecommander.com Tested on: Win7 x86 SP1 - Build 7601...
10-Strike Network Inventory Explorer 9.03 - (Read from File) Buffer Overflow (SEH) (ROP) Exploit
Exploit Title: 10-Strike Network Inventory Explorer 9.03 - 'Read from File' Buffer Overflow (SEH) (ROP) Exploit Author: Hodorsec Version: 9.03 Software Link: https://www.10-strike.com/networkinventoryexplorer/network-inventory-setup.exe Vendor Homepage: https://www.10-strike.com Tested on: Win8.1 x64 ...
10-Strike Network Inventory Explorer 9.03 - 'Read from File' Buffer Overflow (SEH) (ROP)
Exploit Title: 10-Strike Network Inventory Explorer 9.03 - 'Read from File' Buffer Overflow (SEH) (ROP) Date: 2020-03-30 Exploit Author: Hodorsec Version: 9.03 Software Link: https://www.10-strike.com/networkinventoryexplorer/network-inventory-setup.exe Vendor Homepage: https://www.10-strike.com Teste...