Windows 10 Privilege Escalation (Sound Research SECOMN service) https://github.com/sailay1996/SECOMN_EoP …pic.twitter.com/PkK4d3LWNp
You can add location information to your Tweets, such as your city or precise location, from the web and via third-party applications. You always have the option to delete your Tweet location history. Learn more
If I put a DLL in that user-writable directory and check after the next reboot? calc.exe as SYSTEM The more software you install, the more possibilities you get. This is why I concluded that finding a service to target is not a problem. The user-writable directory is the problem.pic.twitter.com/R74LHSinZV
So you say that if i have ANY user writable PATH Environment Variable folder nearly every service searches there for the DLL files in the default search order? Or do they only search there for missing files? I could have exploited this config in the past many times :-/
Ok. But you’re running procmon as admin AMIRITE
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.