Full Disclosure mailing list archives

nt!_SEP_TOKEN_PRIVILEGES – Single Write EoP Protect


From: Kyriakos Economou <arfproject () hotmail com>
Date: Wed, 19 Apr 2017 11:04:03 +0000

TL;DR: Abusing enabled token privileges through a kernel exploit to gain EoP won’t be enough anymore, as from NT 
kernel version 10.0.15063 they are ‘checked’ against the privileges present in the token of the calling process. So you 
will need two writes.


URL: http://www.anti-reversing.com/ntoskrnl-v10-0563_nt_sep_token_privileges-single-write-eop-protect/


kyREcon

_______________________________________________
Sent through the Full Disclosure mailing list
https://nmap.org/mailman/listinfo/fulldisclosure
Web Archives & RSS: http://seclists.org/fulldisclosure/
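
The relationship the post describes (enabled privileges checked against the present ones) also gives defenders a consistency test for token data pulled from a memory image or debugger session. The following is an added example, not code from the post or from the kernel: it assumes the three 64-bit bitmaps of `nt!_SEP_TOKEN_PRIVILEGES` have already been read out, and the `tokpriv` type, function names and sample values are constructed for illustration.

```c
#include <stdint.h>
#include <stdio.h>

/* The three 64-bit bitmaps of nt!_SEP_TOKEN_PRIVILEGES; bit n is the
   privilege whose LUID low part is n. Lowercase names are this example's. */
typedef struct { uint64_t present, enabled, enabled_by_default; } tokpriv;

/* A few SE_*_PRIVILEGE values from the WDK headers, for readable output. */
static const struct { unsigned bit; const char *name; } priv_names[] = {
    { 7, "SeTcbPrivilege" },    { 10, "SeLoadDriverPrivilege" },
    { 20, "SeDebugPrivilege" }, { 29, "SeImpersonatePrivilege" },
};

/* Bits set in Enabled that are missing from Present. */
static uint64_t orphan_bits(const tokpriv *p)
{
    return p->enabled & ~p->present;
}

static const char *priv_name(unsigned bit)
{
    for (size_t i = 0; i < sizeof priv_names / sizeof priv_names[0]; i++)
        if (priv_names[i].bit == bit)
            return priv_names[i].name;
    return "unnamed";
}

/* Prints each inconsistent privilege and returns how many were found. */
static int report_token(const char *label, const tokpriv *p)
{
    uint64_t bad = orphan_bits(p);
    int count = 0;
    for (unsigned bit = 0; bit < 64; bit++)
        if (bad & (1ULL << bit)) {
            printf("%s: bit %u (%s) enabled, not present\n", label, bit, priv_name(bit));
            count++;
        }
    return count;
}

/* Constructed sample values (not captured from a real system). */
static const tokpriv sample_clean = { 0x602880000ULL, 0x800000ULL, 0x800000ULL };
static const tokpriv sample_inconsistent = { 0x602880000ULL, 0x900000ULL, 0x800000ULL };

int main(void)
{
    report_token("clean", &sample_clean);
    return report_token("inconsistent", &sample_inconsistent) == 1 ? 0 : 1;
}
```

A token whose Enabled bitmap carries bits that Present lacks, as in the second sample, is the state a single write to the Enabled field leaves behind.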

