Thread replies: 47
Thread images: 4
Thread images: 4
WINDOWS COMPLETELY COMPROMISED
https://github.com/Cybellum/DoubleAgent
>>
>>59559555
>DoubleAgent is a new Zero-Day
>a 15 years old legitimate feature of Windows
Nice DLL injector, anon.
>>
>>59559620
Did you ever bother reading or are you spouting bullshit pretending to know what you're talking about? DLL injections is nothing new, that's correct, but it bypasses all of the security checks, normally with permission setups, AVs and other stuff you can't just inject into a process and this allows to do just that.
>>
>>59559555
>cannot be patched
bravo Microsoft
>>
>>59559650
Yeah that's actually pretty neat. Downloading naow into a XP vm. :^)
>>
>>59559555
>Tel Aviv, Israel
>>
>>59559650
No, you have no idea what you're talking about. This is fucking ancient. The "exploit" is literally just a program that creates some registry keys. NVIDIA has used this mechanism to support Optimus, and Microsoft uses it to support SharePoint. And the implications of this technique for security and application stability have been known for years.
>>
>59559555
>555
>Tel Aviv, Israel
>>
>>59560120
>insecure by design
>>
>>59559555
what can this do?
>>
>WINDOWS COMPLETELY COMPROMISED
Yeah, Snowden told us about this like four years ago.
>>
>>59560562
It allows an attacker to have their DLL loaded into every process on the system, which gives the DLL a chance to patch the process. This can be used for malicious purposes, telemetry, or even as a way to patch in new functionality. However, for the "exploit" to work it has to run with administrator privileges. So you'd either have to run a malicious program with administrator privileges yourself (which gives AV a chance to warn you), or you'd have to fall victim to a remote code execution exploit on a program with administrative privileges (somewhat unlikely, especially if you keep everything up to date).
>>
>>59560810
Currently there's an easy exploit where you can force a Administrative command prompt that allows you to install anything as admin
So it's not that hard to install this exploit onto a target computer
>>
>>59559555
>>59560555
> Two 555's in one thread
what does this mean
>>
The system's already thoroughly compromised before this even has any effect. There are much better persistence methods. This isn't news.
>>
>>59560905
If you're talking about the "sticky keys" exploit, that's useless for a unprivileged attacker because it requires privileged access to the very same key as this exploit.
>>
>>59560768
and nobody cared
wikileaks told the world last week the cia also does the same thing, and guess what, nobody cared either
>>
>>59561008
>There are much better persistence methods
Such as?
>>
>>59561064
"Nobody" cared because of two reasons:
a. they're stupid americans
b. they already knew that (a.k.a. not americans)
>>
>>59562620
Woke foreigner alert.
Burgers on suicide watch.
>>
>requires executing an unknown, unsigned, binary to become infected
1997 called, they want their malware back
>>
>>59559555
You're the kind of retard that would install an antivirus because you can't tell the difference between XXXHotPorn.mp4 and XXXHotPorn.mp4.exe
>>
>>59559555
>Not stealthy at all
it's shit
make one using SMM or ME
>>
>>59562620
>imagine being this european
>>
Still better than any lincuck shitro
>>
>>59560908
It means that you can make two atari punk consoles using this thread
>>
>using micro*oft products
>2017
>>
>>59559555
If you're surprised about a security hole in Windows you're on the wrong board, anon.
>>
>>59560120
That sounds even worse. Microsoft should get rid of all that cruft but they already made all his customers to depend on their solutions so they can't touch anything now.
>>
>>59560768
Consider that most people was trained into using ME products from a young age and that Microsoft has deals with most institutions so is normal that windows will always receive a free pass for almost anything from that people.
>>
>>59563282
>t. confused gamer
>>
>>59562620
I'm a burger, and I care, but then again I already knew. I've been following this shit since before Snowden.
>>
>>59559555
>WINDOWS COMPLETELY COMPROMISED
It has always been compromised.
>>
>>59560810
>So you'd either have to run a malicious program with administrator privileges yourself (which gives AV a chance to warn you)
So can be avoided with common sense.
Its your average malware then.
>>
>>59559555
>WINDOWS COMPLETELY COMPROMISED
Do you have any news that doesn't date back to the late 1800's?
>>
>>59559555
>github
fuck off double nigger
pastebin or KYS
>>
>>59559555
>requires the user to run malware as administrator
>exploit
>>
>>59567067
what's wrong with github?
>>
>>59568130
It is run by CIA niggers.
>>
How is this a zero day when it's published on GitHub?
>>
Red Hat, Inc. has deposited $1 into your account.
>>
>>59568123
>combine with priledge execution exploit
ur fucking finnish this time kiddo
>>
>>59559555
Wincucks BTFO
>>
File: 1488398511653.png (47KB, 721x531px) Image search:
[Google]
47KB, 721x531px
>>59563282
t. wincuck
>>
>>59570088
If you have both a remote execution and a privilege escalation exploit then this silly "feature exploit" is the least of your problems.
>>
>>59559555
Your hardware is already compromised so its a moot point
>>
File: 1468633155322.jpg (51KB, 415x392px) Image search:
[Google]
51KB, 415x392px
>>59571263
>windows is a service
Thread posts: 47
Thread images: 4
Thread images: 4