Exploitation of Vulnerabilities

Waves Maxx Audio DLL Side-Loading LPE via Windows Registry

Blog Post

Windows Vulnerabilities

When performing vulnerability research, it is essential to make sure that all attack vectors concerning exploitation are exhausted. One avenue of exploitation comes from the Windows registry.

Read more

Microsoft Windows Remote Code Execution (RCE) Vulnerability: BlueKeep

Blog Post

Security Vulnerabilities

On June 17, 2019 the Department of Homeland Security (DHS) issued an alert for the Microsoft Windows Remote Code Execution (RCE) vulnerability named BlueKeep and CVE-2019-0708.

Read more

OH The POSsibilities: Point of Sale System Security

Blog Post

Exploitation of Vulnerabilities

Any time you swipe a card to make a purchase or utilize a self-checkout kiosk, a Point-Of-Sale system is responsible for handling the intricacies of your transaction in the background.

Read more

Exploitation of Remote WCF Vulnerabilities

Blog Post

Windows Vulnerabilities

In this blog, we’ll be discussing the discovery, analysis, and exploitation of CVE-2019-8917 which is a remotely exploitable WCF vulnerability that we discovered in SolarWinds Orion NPM 12.3.

Read more

Windows Userland Application Attack Surface Enumeration

Blog Post

Security Vulnerabilities

Inside the domain of vulnerability research, many different methodologies exist for how a researcher may start their journey with auditing an application. This blog provides information on how to enumerate the attack surface of userland applications that are deployed on the Windows operating system.

Read more

Abusing Insecure Windows Communication Foundation (WCF) Endpoints

Presentation

Exploitation of Vulnerabilities

A trend that the VerSprite Research team noticed in .NET services is the exposure of dangerous methods through insecure WCF endpoints. Download this presentation for a high-level overview of the WCF terminals and receive a practical analysis.

Read more

Abusing Insecure Windows Communication Foundation (WCF) Endpoints

Blog Post

Exploitation of Vulnerabilities

During an audit of several Windows VPN services, we identified several WCF endpoints that offered direct control of command line parameters used in the creation of an elevated process. This allowed for local privilege escalation to the SYSTEM user.

Read more

[Video] Abusing Insecure WCF Endpoints

Video

Windows Vulnerabilities

Watch the video of VerSprite’s Security Research presentation at Ekoparty 2018 on Abusing Insecure WCF Endpoints. A trend that the VerSprite Research team noticed in .NET services is the exposure of dangerous methods through insecure WCF endpoints. Most of these services are started automatically as LocalSystem, which is the highest user privilege level available.

Read more

Swimming in the Deep End: Taking a Deeper Look at the Use Cases of JEA

Blog Post

Exploitation of Vulnerabilities

Throughout my testing and implementation of JEA in a private network I was able to discover more reasons why JEA is such an underused but powerful tool.

Read more

We are an international squad of professionals working as one.

Email

[email protected]

logos