Privilege Escalation 21
- The PrintNightmare is not Over Yet
- A Practical Guide to PrintNightmare in 2024
- Fuzzing Windows RPC with RpcView
- An Unconventional Exploit for the RpcEptMapper Registry Key Vulnerability
- Windows RpcEptMapper Service Insecure Registry Permissions EoP
- Windows .Net Core SDK Elevation of Privilege
- CVE-2020-1170 - Microsoft Windows Defender Elevation of Privilege Vulnerability
- Chimichurri Reloaded - Giving a Second Life to a 10-year old Windows Vulnerability
- PrintSpoofer - Abusing Impersonation Privileges on Windows 10 and Server 2019
- Windows DLL Hijacking (Hopefully) Clarified
- Windows Server 2008R2-2019 NetMan DLL Hijacking
- CVE-2020-0863 - An Arbitrary File Read Vulnerability in Windows Diagnostic Tracking Service
- CVE-2020-0787 - Windows BITS - An EoP Bug Hidden in an Undocumented RPC Function
- CVE-2020-0668 - A Trivial Privilege Escalation Bug in Windows Service Tracing
- CDPSvc DLL Hijacking - From LOCAL SERVICE to SYSTEM
- Give Me Back My Privileges! Please?
- Weaponizing Privileged File Writes with the USO Service - Part 2/2
- Weaponizing Privileged File Writes with the USO Service - Part 1/2
- Windows Privilege Escalation - DLL Proxying
- CVE-2019-19544 - CA Dollar Universe 5.3.3 'uxdqmsrv' - Privilege Escalation via a Vulnerable SUID Binary
- CVE-2017-13130 - BMC Patrol 'mcmnm' - Privilege Escalation via a Vulnerable SUID Binary