Tag: Exploitation of Vulnerabilities

Any time you swipe a card to make a purchase or utilize a self-checkout kiosk, a Point-Of-Sale system is responsible for handling the intricacies of your transaction in the background.

During an audit of several Windows VPN services, we identified several WCF endpoints that offered direct control of command line parameters used in the creation of an elevated process. This allowed for local privilege escalation to the SYSTEM user.

Throughout my testing and implementation of JEA in a private network I was able to discover more reasons why JEA is such an underused but powerful tool.

Imagine this scenario: You are a systems engineer. You are tasked with managing user and group access controls. Your company’s two person NOC team has admin rights to perform triage work. Eventually, you discover that your company is compromised and has been for an unknown length of time.