Windows
A trend that the VerSprite Research team noticed in .NET services is the exposure of dangerous methods through insecure WCF endpoints. Download this presentation for a high-level overview of the WCF terminals and receive a practical analysis.
Read more
Fabius Watson
During an audit of several Windows VPN services, we identified several WCF endpoints that offered direct control of command line parameters used in the creation of an elevated process. This allowed for local privilege escalation to the SYSTEM user.
We are an international squad of professionals working as one.
Email
Phone
