DLL shared sections have long been infamous for introducing security problems. A few months ago I decided to take a look if one can still find applications that use PE modules with shared sections in an insecure way (or using them at all). Today I'm releasing research notes, some tools and a demo of a Cygwin local privilege escalation (it's already fixed).
Read more...
Links / Blogs
- → dragonsector.pl
- → vexillium.org
- Security/Hacking:
- Reverse Eng./Low-Level:
- Programming/Code:
Posts
- Google's Beginner Quest 2021 - all tasks solved recording,
- Seventh Inferno vulnerability (some NETGEAR smart switches),
- Draconian Fear vulnerability (some NETGEAR smart switches),
- Demon's Cries vulnerability (some NETGEAR smart switches),
- Making numbers out of thin air, Python bytecode edition,
- ClickMeeting minor privacy weakness (fixed),
- popen+cat explained,
- Gears of Chaos vulnerability chain (NETGEAR WAC104 access point),
- WAC104 vulnerabilities - please go patch (details on Monday),
- FAQ: Difference between vulnerability, exploit and CVE,
- → see all posts on main page
Add a comment: