It's a fun bug for sure, but I don't understand why it's being called "RCE" , isn't it more accurately "LPE" ?
-
-
My understanding is that you would effectively need psexec access to exploit this, do we agree on that?
-
Nope. Nmap exploit module is here: https://svn.nmap.org/nmap/scripts/smb-webexec-exploit.nse …
- 38 more replies
New conversation -
-
-
I get your take btw, I think some things are just lost in translation and/or mashed together with other issues. Twitter is rubbish platform for discussing anything actually interestingpic.twitter.com/SQBkdKJtfn
-
This Tweet is unavailable.
New conversation -
-
-
For me Its an LPE Because usable creds imply local entitlements and because RCE traditionally doesn’t need creds to be RCE
Thanks. Twitter will use this to make your timeline better. UndoUndo
-
-
This Tweet is unavailable.
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.