The unholy zero-day concoction, reported to Microsoft in September and still unpatched, is a reliable way of p0wning Windows for attackers that have managed to pop user machines.
Breen released exploit code for his attack dubbed Hot Potato following his talk at the Shmoocon conference in Washington over the weekend. "Hot Potato takes advantage of known issues in Windows to gain local privilege escalation in default configurations, namely NTLM relay -\- specifically HTTP-SMB relay - and NBNS spoofing," Breen says.
"Using this technique, we can elevate our privilege on a Windows workstation from the lowest levels to NT Authority/System – the highest level of privilege available on a Windows machine. "This is important because many organisations unfortunately rely on Windows account privileges to protect their corporate network."
http://theregister.co.uk/2016/01/20/hot/
No comments:
Post a Comment
Be respectful of others and don't hate. I don't tolerate hate speech of any kind.