ML
    • Recent
    • Categories
    • Tags
    • Popular
    • Users
    • Groups
    • Register
    • Login

    AtomBomb

    Scheduled Pinned Locked Moved News
    windowssecurityinsecure
    2 Posts 2 Posters 817 Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • stacksofplatesS
      stacksofplates
      last edited by

      http://www.ghacks.net/2016/10/29/atombombing-zero-day-windows-exploit/

      http://www.securityweek.com/atombombing-windows-vulnerability-cannot-be-patched

      And if you want to play (since it's not an exploit but they built it on purpose):

      https://github.com/BreakingMalwareResearch/atom-bombing

      1 Reply Last reply Reply Quote 0
      • tonyshowoffT
        tonyshowoff
        last edited by

        So if it doesn't provide privilege escalation and only allows you to access processes which you are running, then how is it really any different from any normal hooking? So yes, it's unpatchable in the same way deleting all the files in your own home directory in Unix is unpatchable.

        Looking at the code as well... we were doing this stuff years ago to see what was being sent wrapped in SSL for reverse engineering purposes, because tcpdump or whatever couldn't read it.

        1 Reply Last reply Reply Quote 0
        • 1 / 1
        • First post
          Last post