I think you're confused about whitelisting. I think you're doing this:
Step 1. Find a "built-in" that lets you do what you want.
Step 2. ???
Step 3. Arbitrary code execution.
Spell it out for me: I want to run wmic.exe on your computer and you have whitelisting installed. What do I do next? Let's imagine you're a regular user who can be easily tricked into running any attachment, downloading and running files, etc.
Use wmic to turn off application whitelisting (almost all of them are registry entries - in the worst case, set the service to disabled at boot). Then proceed as usual.
Replying to @GossiTheDog @da_667 and
That's a good Step 3, but first you need to get to the point where you can run wmic.exe (the Step 2). That's the bit I'm lost on.
This Tweet is unavailable.
Cool, so we've reached this:
Step 1. Find "built-in"
Step 2. ???
Step 3a. Open a command prompt.
Step 3b. Use wmic.exe to turn off whitelisting.
Step 3c. Arbitrary code execution.
This Tweet is unavailable.
Absolutely nothing, that's an excellent Step 3d. If we can just get that Step 2 solved, we can hack the planet. Unfortunately the whole point of whitelisting is to make Step 2 impossible without a 0day.
This Tweet is unavailable.
That's exactly what whitelisting prevents. You need a whitelist bypass to run the script first, which is what you guys are supposed to be explaining to me.