Friday, May 12, 2017

IIS Security

If you are setting up an IIS server or installing an app that will enable IIS, take a look at these links on how to harden IIS:

  • http://resources.infosecinstitute.com/hardening-iis-security/#gref
  • https://technet.microsoft.com/en-us/library/jj635855(v=ws.11).aspx
  • https://msdn.microsoft.com/en-us/library/dd163542.aspx

Weak Service Permissions

Now Exploiting Windows!
Weak Service Permissions


Making press recently is the not quite new but always exciting ability to exploit a remote PC by gaining access to replace a file on the PC that is started up when the computer boots.

This happens because a third party service application is running in a location on the PC where anyone who connects to the PC (aka a regular user) can modify the files in that folder.

A good write up on this can be found here: http://travisaltman.com/windows-privilege-escalation-via-weak-service-permissions/

That same article links to several other great articles on privilege escalation and other security blogs.