Browsed by
Author: Joe Dibley

Joe is a Security Researcher at STEALTHbits Technologies. An expert in Active Directory, Windows, and a wide variety of enterprise software platforms and technologies, Joe researches new security risks, complex attack techniques, and associated mitigations and detections.
Using CTFTOOL.exe to escalate privileges by leveraging Text Services Framework; and mitigation processes and steps

Using CTFTOOL.exe to escalate privileges by leveraging Text Services Framework; and mitigation processes and steps

Overview In this post, I will be looking at a new exploit that leverages a weakness in Microsoft Windows Text Services Framework to launch a child process that allows for the escalation of privileges. I will give a brief overview of what the Text Services Framework service does, what the exploit is, and how it could be used. Then, I will go into more detail about how to run the exploit and different methods that can be used for detection…

Read More Read More

Start a Free StealthAUDIT® Trial!

No risk. No obligation.