Uhh- I am now a metasploit module- or... my article about arb file delete -> systemshell is used in one. windows/local/cve_2020_1170_windows_defender_lpe uses arb file del in defender, then my technique and you get a meterpreter as system :)
-
https://0x00sec.org/t/windows-defender-av-zero-day-vulnerability/22258 … i guess you didn't noticed about that
I dont understand why use vuln, delete media player folder use vuln to recreate folder get network service token instead of just doing the wermgr.exe.local folder as in article and get system
-
-
IDK but your method isn't working on my machines
Thanks. Twitter will use this to make your timeline better. UndoUndo
-
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.