Windows Vulnerabilities

Securing Microsoft Azure Environment

Blog Post

Security Vulnerabilities

Given the noticeable upward trend in Azure adoption, let’s explore more about Azure security, compliance, and its other rich capabilities. In this post we’ll just touch on big picture and what is important to securing your Azure environment.

Read more

Exploitation of Remote WCF Vulnerabilities

Blog Post

Windows Vulnerabilities

In this blog, we’ll be discussing the discovery, analysis, and exploitation of CVE-2019-8917 which is a remotely exploitable WCF vulnerability that we discovered in SolarWinds Orion NPM 12.3.

Read more

MiTM Attack Between Target Windows Machines and a DNS Server

Blog Post

Man-in-The-Middle (MiTM) Attacks

When performing this attack, we will find two different scenarios. #1: the attacker machine, the victim, and the DNS server are all in the same network segment. #2: the attacker machine is in the same network segment of the Windows victims and the DNS server is placed in another network segment.

Read more

Windows Userland Application Attack Surface Enumeration

Blog Post

Windows Vulnerabilities

Inside the domain of vulnerability research, many different methodologies exist for how a researcher may start their journey with auditing an application. This blog provides information on how to enumerate the attack surface of userland applications that are deployed on the Windows operating system.

Read more

Abusing Insecure Windows Communication Foundation (WCF) Endpoints

Presentation

Exploitation of Vulnerabilities

A trend that the VerSprite Research team noticed in .NET services is the exposure of dangerous methods through insecure WCF endpoints. Download this presentation for a high-level overview of the WCF terminals and receive a practical analysis.

Read more

Abusing Insecure Windows Communication Foundation (WCF) Endpoints

Blog Post

Exploitation of Vulnerabilities

During an audit of several Windows VPN services, we identified several WCF endpoints that offered direct control of command line parameters used in the creation of an elevated process. This allowed for local privilege escalation to the SYSTEM user.

Read more

We are an international squad of professionals working as one.

Email

[email protected]

logos