Explore >> Select a destination
|
You are here 
|
pentestlaboratories.com | ||
| | | | |
pentestlab.blog
|
|
| | | | | When a program is starting a number of DLL's are loaded into the memory space of it's process. Windows is searching the DLL's that are required by the process by looking into the system folders in a specific order. Hijacking the search order can be used in red teaming scenarios to identify privilege escalation and... | |
| | | | |
macrosec.tech
|
|
| | | | | The first thing we need to do is to identify which dll is crucial for discord to run because that is the dll we will use to perform dll hijacking. In order to find out, we need to open the file location of discord and we see: To identify the COM Keys of Chrome that we can use for COM Hijacking, we use the tool Process Monitor to identify all the processes running when Chrome runs, we also discover the COM servers that are missing CLSID's and the ones which don't require elevated privileges. We use the following filters: | |
| | | | |
www.codeproject.com
|
|
| | | | | A detailed analysis of how to inject the .NET runtime and arbitrary .NET assemblies into unmanaged and managed processes; and how to execute managed code within those processes. | |
| | | | |
insinuator.net
|
|
| | | From the end of 2019 on, we reported two critical vulnerabilities in the Ivanti DSM Suite to the vendor. The following CVE IDs were assigned to the issues (but note that they have a status of RESERVED, i.e. titles and descriptions may change in the future): CVE-2020-12441: Denial-of-Service (DoS) in Ivanti Service Manager HEAT Remote Control 7.4 CVE-2020-13793: Unsafe storage of AD cre ... | ||
