Message-ID: <613331.70518.qm@web112811.mail.gq1.yahoo.com>
Date: Tue, 27 Oct 2009 08:14:26 -0700 (PDT)
From: Protek Research Lab <protekresearchlab@...oo.ca>
To: bugtraq@...urityfocus.com
Subject: {PRL} Rising Firewall 2009 Privilege Escalation

#####################################################################################

Application:  Rising Firewall 2009
            
Platforms:    Windows XP Professional SP2

Exploitation: Privilege Escalation

Date:         2009-10-26

Author:       Francis Provencher (Protek Research Lab's) 

          
#####################################################################################

1) Introduction
2) Technical details
3) The Code (N/A)


#####################################################################################

===============
1) Introduction
===============

Rising Firewall 2009

RISING Firewall is a customizable personal information security product designed to protect your computer from attacks while online.

(from Rising Firewall website)


#####################################################################################

============================
2) Technical details 
============================

Rising Firewall 2009 
Build 21.55.12

All files under the install folder grant Full control access to BUILTIN\users and can be replaced with malicious files.

... snip ....


C:\Program Files\Rising\RFW\CCenter.exe BUILTIN\Utilisateurs:F
                                        BUILTIN\Utilisateurs avec pouvoir:C
                                        BUILTIN\Administrateurs:F
                                        AUTORITE NT\SYSTEM:F
                                        FUZZYXP\francis:F
... snip ...

C:\>WHOAMI.EXE
FUZZYXP\test

C:\>telnet 127.0.0.1 4444


C:\>WHOAMI.EXE
WHOAMI.EXE
AUTORITE NT\SYSTEM





#####################################################################################

===========
3) The Code
===========

N/A


#####################################################################################
(PRL-2009-14)
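
An audit check for the condition described in section 2, added here as an example (it is not part of the original advisory): it parses `cacls` output in the format shown above and reports every principal outside an allowlist that can modify the file. The allowlist contents and all function names are assumptions of this example.

```python
import re

# Principals expected to hold write access to installed program files.
# Spellings are those in the advisory's French-locale cacls listing plus the
# English equivalents; this allowlist is an assumption of the example.
TRUSTED = {r"builtin\administrateurs", r"autorite nt\system",
           r"builtin\administrators", r"nt authority\system"}
WRITE_RIGHTS = {"F": "full control", "C": "change", "W": "write"}

# One ACE as cacls prints it: PRINCIPAL:[(OI)(CI)(IO)]RIGHT
ACE = re.compile(r"^(?P<who>[^:]+):(?P<inherit>(?:\([A-Z]{2}\))*)(?P<right>[FCWRN])$")


def parse_cacls(path, output):
    """Return [(principal, right)] from the cacls output for one path."""
    aces = []
    for line in output.splitlines():
        # The first line repeats the path before the first ACE.
        if line[:len(path)].lower() == path.lower():
            line = line[len(path):]
        m = ACE.match(line.strip())
        if m:  # blank lines and "... snip ..." markers do not match
            aces.append((m.group("who"), m.group("right")))
    return aces


def writable_by_untrusted(path, output):
    """List principals outside TRUSTED that can modify or replace the file.

    Named user accounts are reported too, so they can be reviewed by hand.
    """
    return [(who, WRITE_RIGHTS[right])
            for who, right in parse_cacls(path, output)
            if right in WRITE_RIGHTS and who.lower() not in TRUSTED]


# The listing from the advisory, reproduced as sample input.
SAMPLE_PATH = r"C:\Program Files\Rising\RFW\CCenter.exe"
SAMPLE = SAMPLE_PATH + r""" BUILTIN\Utilisateurs:F
                                        BUILTIN\Utilisateurs avec pouvoir:C
                                        BUILTIN\Administrateurs:F
                                        AUTORITE NT\SYSTEM:F
                                        FUZZYXP\francis:F
"""

if __name__ == "__main__":
    for who, right in writable_by_untrusted(SAMPLE_PATH, SAMPLE):
        print(f"{SAMPLE_PATH}: {who} has {right}")
```

A clean result for an installed executable is an empty list; any entry means a principal outside the allowlist can replace a file that runs with higher privileges.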




