home.social

#msrpc — Public Fediverse posts

Live and recent posts from across the Fediverse tagged #msrpc, aggregated by home.social.

  1. Windows RPC Exposes New Local Privilege Escalation Technique

    A newly discovered technique allows hackers to easily escalate their privileges to SYSTEM level on Windows systems, using a vulnerability in the Remote Procedure Call stack. This alarming exploit relies on clever manipulation of Security Quality of Service parameters and impersonation levels.

    osintsights.com/windows-rpc-ex

    #LocalPrivilegeEscalation #Windows #Rpc #Alpc #Msrpc

  2. It was great to see a challenge @1ns0mn1h4ck where we had to exploit a logic bug in an #MSRPC service 🎉
    Thanks to @itm4n for this great challenge 🙏 infosec.exchange/@itm4n/109732
    His blog was very helpful, especially this part itm4n.github.io/from-rpcview-t and in a nutshell the vulnerability was a case of this: csandker.io/2021/02/21/Offensi as described by @0xcsandker The idea was to make the #impersonation (RpcImpersonateClient) by the server to fail.