Post-exploitation on Untrusted Network https://untrustednetwork.net/en/tag/post-exploitation/ Recent content in Post-exploitation on Untrusted Network Hugo -- gohugo.io en &copy; Jan Kopriva 2015 - {year} Mon, 30 Mar 2020 07:55:00 +0100 weekly weekly SANS ISC Diary - Crashing explorer.exe with(out) a click https://untrustednetwork.net/en/2020/03/30/sans-isc-diary-crashing-explorer.exe-without-a-click/ Mon, 30 Mar 2020 07:55:00 +0100 Mon, 30 Mar 2020 07:55:00 +0100 https://untrustednetwork.net/en/2020/03/30/sans-isc-diary-crashing-explorer.exe-without-a-click/ A Diary of mine was published today on the SANS Internet Storm Center. In this one, we take a look at a vulnerability in the way Windows handles self-referential links, which makes it possible to use specially crafted URL and LNK files to crash Explorer. <p>A <a href="https://isc.sans.edu/forums/diary/Crashing+explorerexe+without+a+click/25966/">Diary</a> of mine was published today on the <a href="https://isc.sans.edu/">SANS Internet Storm Center</a>. In this one, we take a look at a vulnerability in the way Windows handles self-referential links, which makes it possible to use specially crafted URL and LNK files to crash Explorer.</p> <img src="https://untrustednetwork.net/images/isc/isc-diary.jpg" alt="ISC diary"> Jan Kopriva featured image SANS Windows Vulnerability Microsoft Post-exploitation Red teaming News 2020 SANS ISC Diary SANS ISC Diary - Desktop.ini as a post-exploitation tool https://untrustednetwork.net/en/2020/03/16/sans-isc-diary-desktop.ini-as-a-post-exploitation-tool/ Mon, 16 Mar 2020 07:55:00 +0100 Mon, 16 Mar 2020 07:55:00 +0100 https://untrustednetwork.net/en/2020/03/16/sans-isc-diary-desktop.ini-as-a-post-exploitation-tool/ A Diary of mine was published today on the SANS Internet Storm Center. In this one, we take a look at a vulnerability in the way Windows handles desktop.ini files, which makes it possible to use them as an interesting post-exploitation tool. UPDATE 27. 5. 2020: I put together a shor video demonstrating the vulnerabiltiy while preparing materials for SANSFIRE 2020. You may find it here. <p>A <a href="https://isc.sans.edu/forums/diary/Desktopini+as+a+postexploitation+tool/25912/">Diary</a> of mine was published today on the <a href="https://isc.sans.edu/">SANS Internet Storm Center</a>. In this one, we take a look at a vulnerability in the way Windows handles desktop.ini files, which makes it possible to use them as an interesting post-exploitation tool.</p> <p><em>UPDATE 27. 5. 2020: I put together a shor video demonstrating the vulnerabiltiy while preparing materials for <a href="https://www.sans.org/event/sansfire-2020/">SANSFIRE 2020</a>. You may find it <a href="https://www.youtube.com/watch?v=pVqJiaUnstA">here</a>.</em></p> <img src="https://untrustednetwork.net/images/isc/isc-diary.jpg" alt="ISC diary"> Jan Kopriva featured image SANS Windows Vulnerability Microsoft Post-exploitation Red teaming News 2020 SANS ISC Diary