Utilisateur anonyme

@TwoSevenOneT But if you delete the symlink Windef doesn't know where to find its folder and doesn't work anymore 🫤

@Jetwitte9 You can go to CMD in Advanced Boot and delete created symlink

#redteam You can exploit the update functionality vulnerability of #Windows Defender to move its executable folder to a location of your choosing. After that, you can use DLL Sideloading for persistence, inject code, or simply disable it... #blueteam

@HacklikeHacker @hackthebox_eu @hackinarticles @hackplayers Hi man! I came across your write-up for this box on your blog, could you explain how you came across the LFI with the pattern "mvg:<FILE>[20x20+20+20]" ? I can't find anything that would explain how to find this technique (the ImageTragick articles don't talk about this scheme)

Intentions HTB Pwned Thank you htbas9du for creating this box. @hackthebox_eu @hackinarticles @hackplayers #hacker #hackthebox #hacking

@an0n_r0 What version did you use? I can confirm it works on Windows 10 21H1 but not on 22H2

Meterpreter + Metasploit is absolutely awesome. And anyway, it is not even certain that Defender will catch it: add the stageless payload using basic encoding into a template exe (thread exec), disable autoload of stdapi (you can load it later after callback), and that's all. 💥

@BlackArrowSec @antuache @_Kudaes_ Tested on a Windows 10 19044.1288 version and it doesn't work????? I verified with ProcMon if the dll is loaded and it is but the command is never executed (I tried different one)

Windows Local Privilege Escalation via StorSvc service (writable SYSTEM path DLL search order Hijacking) /cc @antuache @_Kudaes_ ➡️ github.com/blackarrowsec/…

Hello @tryhackme! I organize with current and former students of my cybersecurity promotion an cybersecurity event! We would really like to be sponsored by TryHackMe for this event, is there a way we could discuss for a sponsorship?

#FixUltimateOnline 🖥️ youtu.be/c5YzfYLkn-A