| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <58DB1B68E62B9F448DF1A276B0886DF16EB3960C@EX2010.hammerofgod.com> Date: Tue, 26 Oct 2010 17:44:22 +0000 From: "Thor (Hammer of God)" <thor@...merofgod.com> To: Tyler Borland <tborland1@...il.com>, "Thor (Hammer of God)" <thor@...merofgod.com> Cc: Full-Disclosure mailing list <full-disclosure@...ts.grok.org.uk> Subject: Re: Windows Vista/7 lpksetup dll hijack > I thought this would've killed the exploit as it killed the process, but when I sadly hit cancel, I was presented with the payload's result (calc in the PoC). > I just thought this piece was interesting so I included it. Sorry for any confusion. Yes, I understand that part... My point is that the payload result of "calc" would run like that, but if the payload did something else that required admin privileges, it would fail. But I understand your point, and I do find it interesting that the cancel proceeds with the .dll load. That might be something worth looking at in more detail. t _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Powered by blists - more mailing lists