Jump to content

Welcome to NulledBlog
Register now to gain access to all of our features. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more. If you already have an account, login here - otherwise create an account for free today!
Photo

Uac Bypass Vulnerability In Windows Script Host


  • Please log in to reply
37 replies to this topic

#1
akiralakame

  • Offline
  • New Member

  • PipPip
  • Posts:
    10
    Reputation:
    5
    Joined:
    02 Jul, 2015

The Windows Script Host executables suffer from a vulnerability due to a missing embedded manifest. This allows the script host executables to be copied to another system directory and allows a manifest to be applied to the executable. This manifest allows to execute the script host with administrative rights. 
Both ZDI and Microsoft are aware of this issue, expectedly ZDI didn't accept the admission because it's not a remote vulnerability. Surprisingly Microsoft didn't accept the vulnerability because "UAC isn't considered a security boundary".
Only Windows 7 is vulnerable, Windows 8 has a embedded manifest and Windows 10 is untested.

Hidden Content
You'll be able to see the hidden content once you reply to this topic.


Edited by akiralakame, 03 September 2015 - 10:59 PM.

  • 5

Did Yorainbow%2Bfrog%2BMLG%2Bchain%2Bbowtie.giFeel that bass?

The Rainbow Frog did


#2
empyrials

  • Offline
  • Lurker

  • Posts:
    8
    Reputation:
    1
    Joined:
    04 Sep, 2015
see
  • 1

#3
tupley

  • Offline
  • Advanced Member

  • PipPipPipPip
  • Posts:
    82
    Reputation:
    1
    Joined:
    03 Aug, 2015

ty


  • 0

#4
klawar23a

  • Offline
  • Lurker

  • Posts:
    8
    Reputation:
    0
    Joined:
    05 Sep, 2015

see


  • 0

#5
Rayato2001

  • Offline
  • Member

  • Posts:
    27
    Reputation:
    2
    Joined:
    14 May, 2015

ty


  • 0

#6
abdullahazad

  • Offline
  • Addicted

  • Posts:
    214
    Reputation:
    1
    Joined:
    19 May, 2015

ty


  • 0

#7
qhwl1234

  • Offline
  • Lurker

  • Posts:
    9
    Reputation:
    0
    Joined:
    13 Aug, 2015

tr


  • 0

#8
her0fpl

  • Offline
  • Member

  • PipPipPip
  • Posts:
    54
    Reputation:
    -2
    Joined:
    29 Aug, 2015

Let me see this, need to check it out, thanks man!!! :D


  • 0

#9
mylittleboy

  • Offline
  • Lurker

  • Pip
  • Posts:
    4
    Reputation:
    0
    Joined:
    02 Sep, 2015

ty..


Edited by mylittleboy, 07 September 2015 - 01:19 AM.

  • 0

#10
StarGame

  • Offline
  • Member

  • Posts:
    69
    Reputation:
    23
    Joined:
    26 Aug, 2015

Let me see bro


  • 0


0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users