nt!ObpCreateSymbolicLinkName Race Condition Write-Beyond-Boundary. (CVE-2021-41335)https://github.com/waleedassar/ObpCreateSymbolicLinkName_EoP …
-
I never expected that a core functionality like this one might have oobw
lol- i think there is also still that for handling relative ntfs symbolic links with ::$index_allocation in the path
-
-
Whut, even file parsing... I'm usually not looking for bugs in functions that are commonly used, I guess this need to change
-
yah, everybody thinks like that, I just find bugs
- Show replies
New conversation -
-
-
something like the path gotta be short chars, ntfs symlink begin with ..\ then open with ::$index_allocation appended to folder of link....
-
.... *confusion*
End of conversation
New conversation -
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.