#msrpc — Public Fediverse posts
Live and recent posts from across the Fediverse tagged #msrpc, aggregated by home.social.
-
Windows RPC Exposes New Local Privilege Escalation Technique
A newly discovered technique allows hackers to easily escalate their privileges to SYSTEM level on Windows systems, using a vulnerability in the Remote Procedure Call stack. This alarming exploit relies on clever manipulation of Security Quality of Service parameters and impersonation levels.
-
It was great to see a challenge @1ns0mn1h4ck where we had to exploit a logic bug in an #MSRPC service 🎉
Thanks to @itm4n for this great challenge 🙏 https://infosec.exchange/@itm4n/109732777607992952
His blog was very helpful, especially this part https://itm4n.github.io/from-rpcview-to-petitpotam/#the-petitpotam-case and in a nutshell the vulnerability was a case of this: https://csandker.io/2021/02/21/Offensive-Windows-IPC-2-RPC.html#server-non-impersonation as described by @0xcsandker The idea was to make the #impersonation (RpcImpersonateClient) by the server to fail.