Hmm, I'm not trying to be argumentative, I respect your opinion, just trying to understand your reasoning. We agree that "psexec" is not an RCE vuln, right?
-
-
another RCE vector for Windows OSs, WINDOWS+R type \\any-domain-pc [ENTER] type domain creds, w00t! you have an RCE!!!

-
That doesn’t allow code execution.
- 28 more replies
New conversation -
-
-
Is there such a thing as RPE? :)
-
Ha, I like this. It's certainly not just local, so privesc (including remote vector) or RPE is fine by me.
- 1 more reply
New conversation -
-
-
If you set authorized_keys "command" for all non-sudo users, and they could still run their own commands remotely would that be LPE or RCE or other?
-
Essentially they have privileges to run a command, and can escalate to any command, so privilege escalation. The Local in LPE is a bit misleading in this case, RCE is already allowed so not the perfect label but more accurately gives a clue to the real world impact.
- 4 more replies
New conversation -
-
-
Authenticated RCE vs Un-Autheticated RCE goes a long waypic.twitter.com/GKoGq1btUN
Thanks. Twitter will use this to make your timeline better. UndoUndo
-
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.

