Symantec Protection Engine (SPE) - ICAP bypass
Hello folks! A couple of weeks ago I found a security issue on Symantec Protection Engine which could lead to ICAP inspection bypass. Check it out here !
Popular posts from this blog
Google Cloud Security - Enumeration using curl
Hello folks, It is been a while since my last post. Recently the GitLab Red Team published a pretty comprehensive material about privilege escalation and post exploitation tactics on the Google Cloud Platform (GCP). I've made a fork of their enumeration tool and added a few enumerations to it. Aside of it, I've also created a second enumeration tool which is totally independent on the Google Cloud SDK being installed on the target machine, requiring only curl. Check it out here !
MS17-010 executable exploit for local/remote privilege escalation
Hi there, Few months ago I modified a version of the Worawit Wang: GitHub zzz_exploit for MS17-010. The new version implements a few options such as username/password specification and an arbitrary command to be executed. It does not change anything related to the SMB exploitation This is a bundle with an executable and dependencies and DOES NOT require any python install. This is very suitable for scenarios where one has low privilege access to a vulnerable Windows but does not have any Python available nor Metasploit for proper exploitation. I hope you enjoy it. Here it goes: MS17-010 exploit .
Comments
Post a Comment