I've confirmed that this works well in a fully-patched 64-bit Windows 10 system. LPE right to SYSTEM! https://twitter.com/SandboxEscaper/status/1034125195148255235 …
-
-
Hoho, I considered releasing this. Still on the fence about doing it.
-
All of the pieces have all been there for the public to see since Monday, and well documented at that. It's only a matter of time...
- 3 more replies
New conversation -
-
-
bugs involving DACL changes are the best bugs. A Procmon filter on “SetSecurityFile” for “DACL: Unprotected” is especially the best :-)
-
Indeed. And here we have the recent ByeBear exploit using Windows AppX Deployment Service to set DACL: Unprotected to a hard-linked file (to c:\windows\win.ini in this case).pic.twitter.com/lMKl25w7H4
- 1 more reply
New conversation -
-
-
Got it working here yesterday as well on win7 (also using spoolsv). Curious about infocard.exe now. How is that one started?
Thanks. Twitter will use this to make your timeline better. UndoUndo
-
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.