This page looks best with JavaScript enabled

SANS ISC Diary - Desktop.ini as a post-exploitation tool

 ·  β˜• 1 min read

A Diary of mine was published today on the SANS Internet Storm Center. In this one, we take a look at a vulnerability in the way Windows handles desktop.ini files, which makes it possible to use them as an interesting post-exploitation tool.

UPDATE 27. 5. 2020: I put together a shor video demonstrating the vulnerabiltiy while preparing materials for SANSFIRE 2020. You may find it here.

ISC diary
Share on