what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 118 RSS Feed

Files from Stefan Kanthak

Email addressstefan.kanthak at nexgo.de
First Active2007-10-22
Last Active2023-06-08
Microsoft HVCIScan DLL Hijacking
Posted Jun 8, 2023
Authored by Stefan Kanthak

Microsoft's HVCIScan binary suffers from a dll hijacking vulnerability.

tags | exploit
systems | windows
SHA-256 | 865ceea55981bfe42ef02662844aae4e83d864301172df9484458a4ffd66687f
Microsoft User Account Control Nuances
Posted Mar 17, 2023
Authored by Stefan Kanthak

This write up is an overview of how Microsoft's attempts to manage elevated access to executables via registry entries has added over complexity that still allows for escalation.

tags | advisory, registry
SHA-256 | b1516a79355be52fa5902480223a989e031dabbe42f666f261b68eb25bbb8331
Microsoft Windows UTF-8 Buffer Overruns
Posted Feb 15, 2023
Authored by Stefan Kanthak

When Microsoft released UTF-8 support for the -A interfaces of the Windows API, it appears to have introduced buffer overrun conditions.

tags | advisory, overflow
systems | windows
SHA-256 | fd54b53140cb0a9c16fc5520fcb15b03b3915d1e37bb7f97c426270dfbc79e9b
Microsoft CMD.EXE Integer Overflow
Posted May 11, 2022
Authored by Stefan Kanthak

Microsoft's CMD.EXE suffers from an integer overflow vulnerability that can cause a denial of service.

tags | exploit, denial of service, overflow
SHA-256 | 0dd89aa95efb736688b5ffc10611f37891e22e136b3e6479a503952ce6a9f6e3
Microsoft ACL Shortcomings
Posted May 18, 2021
Authored by Stefan Kanthak

The way Microsoft Windows implements file security appears to have some significant shortcomings.

tags | exploit
systems | windows
SHA-256 | 1a9d53b83691e86720f4c510191f9bc7a7352b1a697239a933f41958c7ec6982
Microsoft Windows UAC Privilege Escalation
Posted Apr 30, 2021
Authored by Stefan Kanthak

Microsoft Windows can dupe users into trusting executables with DLL hijacking and privilege escalation issues.

tags | exploit
systems | windows
SHA-256 | cb269dbc3308c3e9fbe0001388d76caee981689af8bcb73404441bdd457de392
Microsoft SAFER Bypass
Posted Apr 30, 2021
Authored by Stefan Kanthak

A new SAFER bypass was discovered that affects older versions of windows.

tags | exploit
systems | windows
SHA-256 | af2bc8f393023dfcfdbaf3b86d4f45468c9560916410eab2deed331e64585960
Windows 10 Wi-Fi Drivers For Intel Wireless Adapters 22.30.0 Privilege Escalation
Posted Apr 25, 2021
Authored by Stefan Kanthak

Windows 10 Wi-Fi Drivers For Intel Wireless Adapters version 22.30.0 suffer from a privilege escalation vulnerability.

tags | exploit
systems | windows
SHA-256 | 32a3533c7499f0b1656df4f46d4c4091cf67f7d914aa53d3ffec372e45979b20
Intel RST User Interface / Driver Privilege Escalation
Posted Mar 24, 2021
Authored by Stefan Kanthak

Intel Rapid Storage Technology (RST) User Interface and Driver suffers from a privilege escalation vulnerability.

tags | exploit
SHA-256 | 6c71160434a8022aa6306e32ffb5e3ea17e9aa3bb0bf6410c87cef4fc16fae95
Mozilla Arbitrary Code Execution / Privilege Escalation
Posted Mar 9, 2021
Authored by Stefan Kanthak

Mozilla has a flurry of random vulnerabilities surrounding their installers that haven't been addressed in quite some time.

tags | advisory, vulnerability
advisories | CVE-2014-1520
SHA-256 | b102795220f359831e9aaf51558fd518c42ae77372b502782bce1f141699f749
Microsoft Windows Unsafe Handling Practices
Posted Jul 27, 2020
Authored by Stefan Kanthak

This post outlines multiple unsafe practices in Microsoft Windows that can allow for local privilege escalation.

tags | exploit, local
systems | windows
SHA-256 | 4bc0ba08bfeebdf7043e5c7d7060e65bdb0c48ca36fa23fc83ebabb77e5ff80d
Intel Processor Identification Utility 6.0.0211 Privilege Escalation
Posted Jan 31, 2020
Authored by Stefan Kanthak

Intel Processor Identification Utility version 6.0.0211 suffers from a local privilege escalation vulnerability.

tags | exploit, local
SHA-256 | 18b5a81e1da4cff60545121275526325503d467e4282f7ffac69136bae2a23cd
TrendMicro Anti-Threat Toolkit Improper Fix
Posted Jan 30, 2020
Authored by Stefan Kanthak

The fix that was applied to address a code execution vulnerability in Trend Micro Anti-Threat Toolkit (ATTK) was insufficient.

tags | exploit, code execution
advisories | CVE-2019-20358, CVE-2019-9491
SHA-256 | b9b4e23fba87a6da6a86f939c567edd6b4d826078dea81dcf76c39a0ac44882c
Microsoft Windows 10 DLL Search Path
Posted Jan 29, 2020
Authored by Stefan Kanthak

With Windows 10 1607, Microsoft introduced the /DEPENDENTLOADFLAG linker option, a security feature to restrict or limit the search path for DLLs. Two bugs exist with this attempt to limit access.

tags | advisory
systems | windows
SHA-256 | 04f3f470ca90a3089624ef754a9f8aa5c4419a8bfbfe2910545dd4901e3c35cf
Windows Escalate UAC Protection Bypass Via Dot Net Profiler
Posted Nov 19, 2019
Authored by Stefan Kanthak, Casey Smith, bwatters-r7 | Site metasploit.com

Microsoft Windows allows for the automatic loading of a profiling COM object during the launch of a CLR process based on certain environment variables ostensibly to monitor execution. In this case, the authors abuse the profiler by pointing to a payload DLL that will be launched as the profiling thread. This thread will run at the permission level of the calling process, so an auto-elevating process will launch the DLL with elevated permissions. In this case, they use gpedit.msc as the auto-elevated CLR process, but others would work, too.

tags | exploit
systems | windows
SHA-256 | dca3da70d2a2d1b66b1779e541ee7478df88bc4ec265fa33d2fffcb756920230
Intel Rapid Storage Technology User Interface And Driver 15.9.0.1015 DLL Hijacking
Posted Nov 16, 2018
Authored by Stefan Kanthak

Intel Rapid Storage Technology User Interface and Driver version 15.9.0.1015 suffers from a dll hijacking vulnerability.

tags | exploit
systems | windows
SHA-256 | 6e7d0ae7e36d2519f2a95dd01eee53eeefd5b81452a1fdfc32e7ec88cc304a15
Intel Extreme Tuning Utility 6.4.1.23 Code Execution / Privilege Escalation
Posted Sep 28, 2018
Authored by Stefan Kanthak

Intel Extreme Tuning Utility version 6.4.1.23 suffers from code execution, privilege escalation, and denial of service vulnerabilities.

tags | exploit, denial of service, vulnerability, code execution
SHA-256 | 8ee640f811b6221313c74122f57a246a37deeed23bca3a80d265d6c2180dfcda
Rufus 3.0 / 3.1 Privilege Escalation
Posted Aug 6, 2018
Authored by Stefan Kanthak

Rufus versions 3.0 and 3.1 suffers from dll hijacking vulnerabilities.

tags | exploit, vulnerability
SHA-256 | 902541262838af7644c131737527c42bf33c37e8fdf9cfe5b3446450ac936b8c
VMWare Player 12.5.9 Privilege Escalation / Denial Of Service
Posted Aug 2, 2018
Authored by Stefan Kanthak

VMWare Player version 12.5.9 suffers from denial of service and privilege escalation vulnerabilities.

tags | exploit, denial of service, vulnerability
systems | windows
SHA-256 | 3597a0b8fd935bf73b872a863ad3b14ceb32e92df0c2d8514ae39dca10072a46
VMWare Player 7.1.3 DLL Hijacking
Posted Aug 2, 2018
Authored by Stefan Kanthak

VMWare Player version 7.1.3 suffers from a dll hijacking vulnerability.

tags | exploit
systems | windows
advisories | CVE-2016-7085
SHA-256 | addcd36bab152a4fb435a7853f4b0fce8c524da8267470db669eaea6231daef3
Intel Processor Diagnostic Tool (IPDT) Privilege Escalation
Posted Jul 4, 2018
Authored by Stefan Kanthak

Intel Processor Diagnostic Tool (IPDT) versions prior to 4.1.0.27 suffer from three code execution and privilege escalation vulnerabilities.

tags | exploit, vulnerability, code execution
advisories | CVE-2018-3667, CVE-2018-3668
SHA-256 | c6970c00b903e7c20f1d36cf862c9883331d5c92e439e99f419b8b4d7ab7809e
Mozilla Executable Installer DLL Hijacking
Posted Feb 20, 2018
Authored by Stefan Kanthak

Mozilla's executable installers are vulnerable to dll hijacking.

tags | advisory
systems | windows
SHA-256 | 667fb44cb2aa120fbd61c8117b32b9ec85ae2bc46b83d6b9d112e9bfb4199dc9
Microsoft Skype DLL Hijacking
Posted Feb 9, 2018
Authored by Stefan Kanthak

Microsoft's Skype home-grown updater suffers from a dll hijacking vulnerability.

tags | exploit
systems | windows
SHA-256 | 216eae84a9fa62444079df49cbfe75e118c010a069585d13c866dc34ddeb3837
PostgreSQL 10 Installer For Windows DLL Hijacking
Posted Oct 10, 2017
Authored by Stefan Kanthak

The PostgreSQL 10 installer for Windows suffers from a dll hijacking vulnerability.

tags | exploit
systems | windows
SHA-256 | 53508de2e1b750287c30bbe3c9bca27c1d738c50051878d731c03da7ff37006c
Kaspersky Privacy Cleaner DLL Hijacking
Posted Sep 12, 2017
Authored by Stefan Kanthak

Kaspersky Privacy Cleaner suffers from insecure transit, DLL hijacking, and various other security vulnerabilities.

tags | advisory, vulnerability
systems | windows
SHA-256 | 8f2810bd5ad744f949537fc25373ace8e43e63a2c6c16725e840e49ca14d8c20
Page 1 of 5
Back12345Next

File Archive:

May 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    May 1st
    44 Files
  • 2
    May 2nd
    5 Files
  • 3
    May 3rd
    11 Files
  • 4
    May 4th
    0 Files
  • 5
    May 5th
    0 Files
  • 6
    May 6th
    28 Files
  • 7
    May 7th
    3 Files
  • 8
    May 8th
    4 Files
  • 9
    May 9th
    54 Files
  • 10
    May 10th
    12 Files
  • 11
    May 11th
    0 Files
  • 12
    May 12th
    0 Files
  • 13
    May 13th
    18 Files
  • 14
    May 14th
    11 Files
  • 15
    May 15th
    17 Files
  • 16
    May 16th
    13 Files
  • 17
    May 17th
    22 Files
  • 18
    May 18th
    0 Files
  • 19
    May 19th
    0 Files
  • 20
    May 20th
    17 Files
  • 21
    May 21st
    18 Files
  • 22
    May 22nd
    7 Files
  • 23
    May 23rd
    111 Files
  • 24
    May 24th
    27 Files
  • 25
    May 25th
    0 Files
  • 26
    May 26th
    0 Files
  • 27
    May 27th
    6 Files
  • 28
    May 28th
    12 Files
  • 29
    May 29th
    31 Files
  • 30
    May 30th
    22 Files
  • 31
    May 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close