Explore >> Select a destination
|
You are here 
|
parsiya.net | ||
| | | | |
enigma0x3.net
|
|
| | | | | Version: Origin Client version 10.5.35.22222-0 (https://www.origin.com/usa/en-us/store/download) Operating System tested on: Windows 10 1709 (x64) Advisory: https://www.ea.com/security/news/easec-2019-001-elevation-of-privilege-vulnerability-in-origin-client EA's Blog: https://www.ea.com/security/news/origin-security-update-in-collaboration-with-external-security-researchers Vulnerability: Origin Client Service DACL Overwrite Elevation of Privilege Brief Description: When Origin is installed, it comes with a few different services, such as the "Origin Client Service". This service can be stopped and started by... | |
| | | | |
gebir.ge
|
|
| | | | | ||
| | | | |
pentestlab.blog
|
|
| | | | | In Windows environmentswhen an applicationor a serviceis startingit looks for a number of DLL's in orderto function properly.If these DLL'sdoesn't exist or are implemented in an insecure way (DLL'sare called withoutusing a fully qualified path) then itis possible to escalate privileges by forcing the application to load and execute amalicious DLL file. It should be... | |
| | | | |
blog.ikuamike.io
|
|
| | | Difficulty Release Date Author Beginner 29 June 2019 Zayotic Summary I got an OSCP voucher last year and this is my active effort to prep for it using TJ-Null's OSCP Prep list. Hopefully documenting this will help improve my methodology and get me ready for OSCP and beyond. In this box, initial access is through lfi to rce by using sending a payload in mail and accessing it.For privilege escalation we exploit a setuid binary that doesn't use absolute paths, therefore hijacking the path gives us root. | ||
