|
You are here |
labs.ioactive.com | ||
| | | | |
www.anvilsecure.com
|
|
| | | | | The main purpose behind starting this research project was to get further understanding on how to review and exploit both Windows Applications and Environments... | |
| | | | |
pentestlab.blog
|
|
| | | | | In Windows environmentswhen an applicationor a serviceis startingit looks for a number of DLL's in orderto function properly.If these DLL'sdoesn't exist or are implemented in an insecure way (DLL'sare called withoutusing a fully qualified path) then itis possible to escalate privileges by forcing the application to load and execute amalicious DLL file. It should be... | |
| | | | |
parsiya.net
|
|
| | | | | [AI summary] The provided text is a detailed technical article discussing various methods and techniques for exploiting custom protocol handlers and command-line switches in applications. It covers topics such as UNC path injection, command-line switch abuse, remote file execution, and leveraging startup directories for persistence. The article also includes practical examples, tools like Nirsoft's URLProtocolView, and advice on how to discover and exploit vulnerabilities in applications. | |
| | | | |
geekken.blog
|
|
| | | 1 post published by Geek Ken on November 1, 2022 | ||