| CVE-2023-23525: Get Root via A Fake Installer |
|
|
|
| The Fuzzing Guide to the Galaxy: An Attempt with Android System Services |
|
|
|
| Breaking Docker Named Pipes SYSTEMatically: Docker Desktop Privilege Escalation – Part 2 |
|
|
|
| CVE-2023-29383: Abusing Linux chfn to Misrepresent /etc/passwd |
|
|
|
| Bash Privileged-mode Vulnerabilities In Parallels Desktop And CDPATH Handling In MacOS |
|
|
|
| Microsoft Intune, Version 1.55.48.0 Advisory |
|
|
|
| Windows Task Scheduler Application, Version 19044.1706 Advisory |
|
|
|
| CyberGhostVPN - the story of finding MITM, RCE, LPE in the Linux client |
|
|
|
| Dynamic Linking Injection and LOLBAS Fun |
|
|
|
| Getting Root - A Technical Walkthrough |
|
|
|
| Windows Installer EOP (CVE-2023-21800) |
|
|
|
| Your Browser is Not a Safe Space |
|
|
|
| Veeam Backup and Replication CVE-2023-27532 Deep Dive |
|
|
|
| Leveraging ssh-keygen for Arbitrary Execution (and Privilege Escalation) |
|
|
|
| Bypass TCC via iCloud |
|
|
|
| From CVE-2022-33679 to Unauthenticated Kerberoasting |
|
|
|
| Give me a browser, I’ll give you a Shell |
|
|
|
| Multiple vulnerabilities in Nokia BTS Airscale ASIKA |
|
|
|
| Trellix Advanced Research Center Discovers a New Privilege Escalation Bug Class on macOS and iOS |
|
|
|
| Disabling ClamAV as an Unprivileged User |
|
|
|
| EoP via Arbitrary File Write/Overwite in Group Policy Client “gpsvc” – CVE-2022-37955 |
|
|
|
| Readline crime: exploiting a SUID logic bug |
|
|
|
| LPE via StorSvc |
|
|
|
| LocalPotato - When Swapping The Context Leads You To SYSTEM |
|
|
|
| Elevation of privileges from Everyone through Avast Sandbox to System AmPPL (CVE-2021-45335, CVE-2021-45336 and CVE-2021-45337) |
|
|
|
writeups.xyz
/
Local Privilege Escalation