Full Disclosure mailing list archives
nt!_SEP_TOKEN_PRIVILEGES – Single Write EoP Protect
From: Kyriakos Economou <arfproject () hotmail com>
Date: Wed, 19 Apr 2017 11:04:03 +0000
TL;DR: Abusing enabled token privileges through a kernel exploit to gain EoP it won’t be enough anymore as from NT kernel version 10.0.15063 they are ‘checked’ against the privileges present in the token of the calling process. So you will need two writes. URL: http://www.anti-reversing.com/ntoskrnl-v10-0563_nt_sep_token_privileges-single-write-eop-protect/ kyREcon _______________________________________________ Sent through the Full Disclosure mailing list https://nmap.org/mailman/listinfo/fulldisclosure Web Archives & RSS: http://seclists.org/fulldisclosure/
Current thread:
- nt!_SEP_TOKEN_PRIVILEGES – Single Write EoP Protect Kyriakos Economou (Apr 21)