unSafe.sh - 不安全
我的收藏
今日热榜
公众号文章
导航
Github CVE
Github Tools
编码/解码
文件传输
Twitter Bot
Telegram Bot
Rss
黑夜模式
Writing Windows File System Drivers is Hard.
A tweet by @jonasLyk reminded me of a bug I found in NTFS a few months back, which I've verified st...
2020-5-20 21:29:0 | 阅读: 6 |
收藏
|
www.tiraniddo.dev
inherit
inherited
network
security
windows
Old .NET Vulnerability #5: Security Transparent Compiled Expressions (CVE-2013-0073)
It's been a long time since I wrote a blog post about my old .NET vulnerabilities. I was playing ar...
2020-5-7 23:12:0 | 阅读: 9 |
收藏
|
www.tiraniddo.dev
delegate
delegates
openread
cas
security
Sharing a Logon Session a Little Too Much
The Logon Session on Windows is tied to an single authenticated user with a single Token. However,...
2020-4-25 23:34:0 | 阅读: 8 |
收藏
|
www.tiraniddo.dev
network
rpcss
1152
processid
Taking a joke a little too far.
Dash wastapping away on the only thing a pony could ever love, the Das Keyboard withrainbow col...
2020-4-1 11:0:0 | 阅读: 5 |
收藏
|
www.tiraniddo.dev
dash
applejack
pony
liked
stupid
Getting an Interactive Service Account Shell
Sometimes you want to manually interact with a shell running a service account. Getting a working i...
2020-2-9 23:21:0 | 阅读: 10 |
收藏
|
www.tiraniddo.dev
powershell
network
sess
pain
DLL Import Redirection in Windows 10 1909
While poking around in NTDLL the other day for some Chrome work I noticed an interesting sounding n...
2020-2-8 16:47:0 | 阅读: 14 |
收藏
|
www.tiraniddo.dev
redirection
microsoft
packaged
xs
Don't Use SYSTEM Tokens for Sandboxing (Part 1 of N)
This is just a quick follow on from my last post on Windows Service Hardening. I'm going to pick up...
2020-1-30 06:40:0 | 阅读: 3 |
收藏
|
www.tiraniddo.dev
impersonate
nttoken
Empirically Assessing Windows Service Hardening
In the past few years there's been numerous exploits for service to system privilege escalation. Pr...
2020-1-2 02:26:0 | 阅读: 4 |
收藏
|
www.tiraniddo.dev
wsh
experiment
dacl
security
impersonate
The Mysterious Case of a Broken Virus Scanner
On my VM (with a default Windows 10 1909) I used for my series of AppLocker I wanted to test out th...
2019-12-6 03:8:0 | 阅读: 6 |
收藏
|
www.tiraniddo.dev
windows
mpoav
applocker
defender
attachment
The Internals of AppLocker - Part 4 - Blocking DLL Loading
This is part 4 in a short series on the internals of AppLocker (AL). Part 1 is here, part 2 here an...
2019-11-21 06:42:0 | 阅读: 24 |
收藏
|
www.tiraniddo.dev
appid
advapi32
ldrloaddll
security
The Internals of AppLocker - Part 3 - Access Tokens and Access Checking
This is part 3 in a short series on the internals of AppLocker (AL). Part 1 is here, part 2 here an...
2019-11-20 06:30:0 | 阅读: 6 |
收藏
|
www.tiraniddo.dev
security
appid
tokenhandle
synchronize
The Internals of AppLocker - Part 2 - Blocking Process Creation
This is part 2 in a short series on the internals of AppLocker (AL). Part 1 is here, part 3 here an...
2019-11-18 06:6:0 | 阅读: 6 |
收藏
|
www.tiraniddo.dev
windows
processes
appid
createinfo
The Internals of AppLocker - Part 1 - Overview and Setup
This is part 1 in a short series on the internals of AppLocker (AL). Part 2 is here, part 3 here an...
2019-11-16 17:16:0 | 阅读: 5 |
收藏
|
www.tiraniddo.dev
windows
applocker
microsoft
appidsvc
1909
Previous
2
3
4
5
6
7
8
9
Next