cyber security companies | penetration testing | managed security service provider | cyber security consultant
May 11, 2020

Game Over Privileges

On Windows a privilege is the right of an account, such as a user or group account, to perform various system-related operations on the local computer. There are 36 privileges defined in the Privilege Constants although a number are used internally by the operating system. There are a number of privileges that are considered game over, in… Continue reading Game Over Privileges

Read More
cyber security audit services | penetration testing brisbane | information security consultant | pen testing
April 2, 2020

Making a PoC for CVE-2020-0668

Recently Clément Labro released a blog post about an arbitrary file move vulnerability he discovered. This was CVE-2020-0668 which involved abusing Service Tracing to cause an arbitrary file move with the help of symlinks.   I confirmed the vulnerability using the Google Project Zero symboliclink-testing-tools but wanted to create a standalone executable, that could be easily shipped to a… Continue reading Making a PoC for CVE-2020-0668

Read More