It seems patched on 18362.295; however, on 18362.239 I could not write to /windows/Temp as a lowpriv fellow. This restriction can obviously be bypassed by creating a c:\temp folder and editing line 424 to: set r2 5c504d45545c3a63 https://twitter.com/taviso/status/1161277080723529728 …
Anyhow, I am wondering how the patch from today has been implemented, do you have any insights?
My understanding is they now verify matching session on connect and fixed the memory corruption bugs - I don't think this is a complete fix (and there for sure will be more memory corruption), but will need some time to analyze it.
I think I'll implement your solution, not sure if I should make it the fallback or default though! https://github.com/taviso/ctftool/issues/2 …
research today, a major design flaw in Windows that's existed for almost *two decades*. I wrote a blog post on the story of the discovery all the way through to exploitation.