Main menu

Skip to content

Cyberkryption

Ethical Hacking and Infosec Musings…

RSS

Tag Archives: Exploit

MS15-051 PoC

Posted by cyberkryption on May 14, 2015

A nice local privilege escalation exploit example for Windows 2003 onwards (kb3057191) by @hfiref0x, this was used as part of an APT campaign”Operation Russia” as detailed by FireEye here.

local-priv-esc

On the protection front, please apply the fix from Microsoft here.

Cheers

Cyberkryption

 

Leave a comment Posted in privilege escalation, tutorial Tagged Exploit, MS15-051, Privilege Escalation, Windows

Disclaimer

The opinions expressed in this blog are my own views and in no way represent my employer.

Enter your email address to follow this blog and receive notifications of new posts by email.

Join 15 other followers

Blogs I Follow

  • CYBER ARMS - Computer Security
  • AverageSecurityGuy
  • rewt dance
  • Offensive Security
  • Samiux's Blog
  • Penetration Testing Lab
  • Christopher Truncer's Website
  • Rapid7 Blog
  • Portcullis Labs » Blog
  • Room362
  • TrustedSec – Information Security
  • E-Spohn
April 2018
M T W T F S S
« Nov    
 1
2345678
9101112131415
16171819202122
23242526272829
30  

RSS Security Focus

  • Vuln: Apache Commons FileUpload CVE-2016-3092 Denial Of Service Vulnerability
  • Vuln: FasterXML Jackson-databind CVE-2017-15095 Incomplete Fix Remote Code Execution Vulnerability
  • Vuln: Multiple Huawei Products CVE-2017-17167 Information Disclosure Vulnerability
  • Vuln: FasterXML Jackson-databind CVE-2018-7489 Incomplete Fix Remote Code Execution Vulnerability
  • Bugtraq: [slackware-security] gd (SSA:2018-108-01)
  • Bugtraq: WebKitGTK+ Security Advisory WSA-2018-0003
  • Bugtraq: [SECURITY] [DSA 4174-1] corosync security update
  • Bugtraq: [SECURITY] [DSA 4173-1] r-cran-readxl security update
  • More rss feeds from SecurityFocus

Blog at WordPress.com.

CYBER ARMS - Computer Security

Cybersecurity News and Business Computer Tips

AverageSecurityGuy

rewt dance

Ethical Hacking and Infosec Musings...

Offensive Security

Ethical Hacking and Infosec Musings...

Samiux's Blog

Ethical Hacking and Infosec Musings...

Penetration Testing Lab

Articles from the Pentesting Field

Christopher Truncer's Website

A Hacker's Perspective

Rapid7 Blog

Ethical Hacking and Infosec Musings...

Portcullis Labs » Blog

Ethical Hacking and Infosec Musings...

Room362

Ethical Hacking and Infosec Musings...

TrustedSec – Information Security

Ethical Hacking and Infosec Musings...

E-Spohn

Ethical Hacking and Infosec Musings...

Cancel