Browsed by
Category: Security

Using CTFTOOL.exe to escalate privileges by leveraging Text Services Framework; and mitigation processes and steps

Using CTFTOOL.exe to escalate privileges by leveraging Text Services Framework; and mitigation processes and steps

Overview In this post, I will be looking at a new exploit that leverages a weakness in Microsoft Windows Text Services Framework to launch a child process that allows for the escalation of privileges. I will give a brief overview of what the Text Services Framework service does, what the exploit is, and how it could be used. Then, I will go into more detail about how to run the exploit and different methods that can be used for detection…

Read More Read More

Understanding Passwords and Their Problems

Understanding Passwords and Their Problems

What’s The Problem? Today, with the Internet, social media, personal computers, online banking and everything else that exists, end-users need to create and maintain a large number of usernames and passwords for all of the accounts they have. This begins to create a problem. The many accounts we need to remember leads us to want to share passwords between different platforms, potentially including our work accounts. This is just one of the few contributors to the many password problems that…

Read More Read More

Start a Free StealthAUDIT® Trial!

No risk. No obligation.