Collaborate Disseminate
According to this answer from a question:
when you press Ctrl+Alt+Del, you can be sure that you’re typing your password in the real login form and not some other fake process trying to steal your password.
But let’s say an attacker clone… Continue reading What stops malicious code spoofing a Ctrl+Alt+Del login form by allowing only part of the phrase?
Some of you might know privacy.sexy. It gives you plenty of options regarding your Windows privacy and security settings. However, after a major Windows update, those settings will be reset by Windows.
I developed some code to keep my sett… Continue reading How to force persistent privacy & security best practice settings on Windows
I came across a strange group policy setup once and was wondering if anyone can make sense of it. We were NOT allowed to run executables that were stored on the local disk or network drives, but we could run executables that were on a USB … Continue reading Difference between running executable from disk vs removable media
I have a target that is configured to run winget installers as admin, are there any packages I could install that’d give me priv esc?
Continue reading Need help with possible privilege escalation using winget installer
I am trying to do a proof of concept where I use technique T1574.010. In this technique, I should rewrite the binpath of some service in Windows 10 so that when the service starts again the payload that I want is executed, which in this ca… Continue reading Proof of concept: Services File Permissions Weakness (T1574.010)
I need to prepare my web app for a penetration test. The scenario is: If one of our windows users is hacked, what can the hacker do to my app and my database?
I have a virtual machine on our server, which holds a SQL Server Express and a d… Continue reading How to secure a SQL Server database (windows auth) against a network windows user (penetration test)
I have a Lenovo laptop and it had Lenovo Vantage installed. I attempted to uninstall it using Windows’ “Apps & features”, but it couldn’t locate the uninstaller’s .exe. Nagigation to said .exe and attempting to run it would do nothing … Continue reading Uninstalling Lenovo Vantage & Understanding Denied Permissions [migrated]
I have a Lenovo laptop and it had Lenovo Vantage installed. I attempted to uninstall it using Windows’ “Apps & features”, but it couldn’t locate the uninstaller’s .exe. Nagigation to said .exe and attempting to run it would do nothing … Continue reading Uninstalling Lenovo Vantage & Understanding Denied Permissions [migrated]
I have a Lenovo laptop and it had Lenovo Vantage installed. I attempted to uninstall it using Windows’ “Apps & features”, but it couldn’t locate the uninstaller’s .exe. Nagigation to said .exe and attempting to run it would do nothing … Continue reading Uninstalling Lenovo Vantage & Understanding Denied Permissions [migrated]
I have:
domain controller
multiple domain users
multiple windows workstations (client of this domain).
The windows workstation are physical fresh new computers. No configuration has been made on it, except joining the domain.
There is 3 … Continue reading Domain user permissions on physical machines [migrated]