-
PrintDemon: Print Spooler Privilege Escalation, Persistence & Stealth (CVE-2020-1048 & more)
We promised you there would be a Part 1 to FaxHell, and with today’s Patch…
-
Faxing Your Way to SYSTEM — Part Two
“Part two?”, you ask. “Where’s part one?”, you wonder. In this blog post, we are…
-
Symbolic Hooks Part 4: The App Container Traverse-ty
After getting the driver in Part 3 of our blog to load and adding a…
-
Symbolic Hooks Part 3: The Remainder Theorem
We ended the second part with, unsurprisingly, a bugcheck. We tried to redirect all access…
-
Symbolic Hooks Part 2 : Getting the Target Name
In our last blog part, we concluded with a working callback, but no information about…
-
“Move aside, signature scanning!” Better kernel data discovery through lookaside lists
Introduction A while ago we did some research. That specific project might be published at some…
-
DKOM – Now with Symbolic Links!
You might think “What can ANYONE still say about kernel callbacks? We’ve already seen every…
-
R.I.P ROP: CET Internals in Windows 20H1
A very exciting thing happened recently in the 19H1 (Version 1903) release of Windows 10…