Now Exploiting Windows!
Weak Service Permissions
Making press recently is the not quite new but always exciting ability to exploit a remote PC by gaining access to replace a file on the PC that is started up when the computer boots.
This happens because a third party service application is running in a location on the PC where anyone who connects to the PC (aka a regular user) can modify the files in that folder.
A good write up on this can be found here: http://travisaltman.com/windows-privilege-escalation-via-weak-service-permissions/
That same article links to several other great articles on privilege escalation and other security blogs.
No comments:
Post a Comment