A Software Security Blog
A Black Hat 2015 presentation by James Forshaw began to mainstream a Windows privesc technique that abused SeAssignPrimaryToken/SeImpersonate permissions; https://www.youtube.com/watch?v=QRpfvmMbDMg.… Continue Reading
Windows Management Instrumentation (WMI) is a suite of tools that automate administrative tasks. Windows users natively interact with WMI via… Continue Reading
The COM (Component Object Model) provide an interface for object to interact with objects in other processes. Calls to COM… Continue Reading
Credit to Tim Medin for his DerbyCon presentation on this technique. The Kerberoasting technique provides an attacker with a means… Continue Reading
Cross Site Scripting (XSS) will allow an attacker’s malformed parameter to manipulate the anticipated functionality of the web application. This… Continue Reading
A CSRF vulnerability allows an attacker to social engineer authenticated users into submitting HTTP requests. The server receives the covertly… Continue Reading
The effectiveness of a cryptographically-secure pseudorandom number generator is heavily reliant upon the seed. This initial “seed” value must be… Continue Reading
A SQL injection (SQLi) occurs when an unfiltered user parameter is rendered as executable logic by a database management system… Continue Reading
A DLL hijack is potentially achievable when a directory within the “standard search order” is writeable by a malicious actor.… Continue Reading
The “standard search order” is a list of directories that an operating system iterates through to locate supporting files. An… Continue Reading