antonioCoco

icon indicating a website link https://splintercod3.blogspot.com/

icon location Italy icon location @splinter_code | offensive security - windows internals - reverse engineering

Results 7 issues of antonioCoco

Bug in AES decryption agent c# code

The agent webshell has a bug that converts the returned decrypted blob data into a string and then converts it back to an array of bytes. While it seems there...

bug

JuicyPotato trigger does not work anymore in Windows pre 2019

On windows server prior to 2019 version the JuicyPotato trigger (the one not requiring an external oxid resolution) does not work anymore. It seems that at certain point in time...

bug

Bug in RPC capture server

The RPC capture server in charge to grab the ntlmv2 response is using the hardcoded value 268 to hold the data. While there are no particular bugs found on the...

bug
enhancement

EnableAllPrivileges can be optimized

The current implementation of EnableAllPrivileges() enable a list of hardcoded privileges by their names. The code should be refactored to dynamically retrieves the privileges from the token leveraging the function...

refactoring

GetTokenIntegrityLevel never returns SYSTEM IL

There is a bug in the function GetTokenIntegrityLevel function which will never returns a SYSTEM IL for a token. While this should be never problematic due to the fact logon...

bug

IsLimitedUserLogon function improvements

The IsLimitedUserLogon function is a useful feature that suggests if other more powerful logon are available to the user. The current logic first check some token properties like TokenElevation and...

enhancement

Bypass UAC flag issues with winrm shell

There are some issues when running the --bypass-uac flag while running from a WinRM shell. It's not clear if the issue is related to winrm itself or 3rd party tools...

bug