Clik here to view.
Exploit credentials stored in Windows Group Policy Preferences
Group Policy preferences are a new feature set available since Windows Server 2008, which shouldn’t be confused with the well known Group Policy objects (GPOs) dating back to Windows NT. The main idea...
View ArticleImpact of IIS 7.5 Service Accounts for file system audits
Introduction It can be very tricky to analyze the relevant service account and its file system permissions in order to evaluate if a compromised ASP.NET application can access sensitive resources (file...
View ArticleClik here to view.
Access control in Windows
According to [Access Control, 2013], “Access control refers to security features that control who [sic] can access resources in the operating system. Applications call access control functions to set...
View ArticleClik here to view.
No need to break in, use the backdoor
The idea Some time ago I read a tweet about hunting so-called “sticky-keys backdoors”, referencing a presentation at DEFCON 24, https://www.youtube.com/watch?v=EAYtRQKfna0 In addition to the...
View Article
