Macro-less Code Exec in MSWord
This blog post was to release first public information about
abusing DDE in Microsoft Word to gain remote code execution, without the need
of macros.
Macro-less Code Exec in MSWord
This blog post was to release first public information about
abusing DDE in Microsoft Word to gain remote code execution, without the need
of macros.
DefCon 25: Demystifying Windows Kernel Exploitation by Abusing GDI Objects
The talk is about Windows kernel exploitation by abusing GDI
objects to gain Elevation of Privileges, and releasing a new GDI object abuse
technique by using GDI Palettes. Specifically, MS16-098 affecting Windows 8.1
x64 bits, exploited by abusing Bitmap objects, and MS17-017 affecting Windows 7
SP1 x86, exploited by abusing GDI Palette objects.
The TRITON Won’t Protect You From Our Punches
Abusing ForcePoint TRITON (DLP) to exfiltrate data and gain full
C2C communications through its logic.