| Unit 42 Finds Three Vulnerabilities in OpenLiteSpeed Web Server |
|
|
|
| Exploring ZIP Mark-of-the-Web Bypass Vulnerability (CVE-2022-41049) |
|
|
|
| Partially disable Cybereason EDR as low privileges user on Windows |
|
|
|
| Technical Analysis of Windows CLFS Zero-Day Vulnerability CVE-2022-37969 - Part 1: Root Cause Analysis |
|
|
|
| Abusing Windows’ tokens to compromise Active Directory without touching LSASS |
|
|
|
| RC4 Is Still Considered Harmful |
|
|
|
| SiriSpy - iOS bug allowed apps to eavesdrop on your conversations with Siri |
|
|
|
| [CVE-2022-1786] A Journey To The Dawn |
|
|
|
| Another Tale Of IBM I (AS/400) Hacking |
|
|
|
| Two RCEs are better than one: write-up of an interesting lateral movement |
|
|
|
| New Attack Paths? AS Requested Service Tickets |
|
|
|
| Microsoft Windows Shift F10 Bypass and Autopilot privilge escalation |
|
|
|
| Skype for Business Audit Part 1 - SKYPErsistence |
|
|
|
| Exploiting a Seagate service to create a SYSTEM shell (CVE-2022-40286) |
|
|
|
| Pwn2Own Miami 2022: AVEVA Edge Arbitrary Code Execution |
|
|
|
| Quasar: Compromising Electron Apps |
|
|
|
| Hacking My Helium Crypto Miner |
|
|
|
| Simple IBM I (AS/400) Hacking |
|
|
|
| SSD Advisory – Linux CONFIG_WATCH_QUEUE LPE |
|
|
|
| Azure Synapse: Local Privilege Escalation Vulnerability in Spark |
|
|
|
| SETTLERS OF NETLINK: Exploiting a limited UAF in nf_tables (CVE-2022-32250) |
|
|
|
| CVE-2022-26113: FortiClient Arbitrary File Write As SYSTEM |
|
|
|
| Blind Exploits To Rule Watchguard Firewalls |
|
|
|
| SSD Advisory – VhdmpiValidateVirtualDiskSurface LPE |
|
|
|
| Break Me Out Of Sandbox In Old Pipe - CVE-2022-22715 Windows Dirty Pipe |
|
|
|
writeups.xyz
/
Local Privilege Escalation