Clément Labro

Results 9 issues of Clément Labro

When building the script, the file `src\02_Helpers.ps1` is blocked by AMSI. ``` C:\PATH\TO\PrivescCheck>powershell -ep bypass -c ".\Build.ps1" [OK] Loaded module file 00_Main.ps1 [OK] Loaded module file 01_Win32.ps1 [KO] Failed to...

enhancement

Under specific conditions, the function `Invoke-ServicesImagePermissionsCheck` incorrectly reports some service binary permissions as vulnerable. Below is an example when the script is executed while the current directory is `C:\Users\USERNAME`. It...

bug

### Configuration impacket version: 0.12.0.dev1 Python version: 3.11 Target OS: Debian 12 ### Debug Output With Command String ```console $ ntlmrelayx -t 'ldap://10.10.10.10' -i --http-port 8000 --no-smb-server Impacket v0.12.0.dev1 -...

in review

**Describe the bug** Project titles containing an ampersand (`&`) are not rendered in the main view's top bar. **To Reproduce** Steps to reproduce the behavior: 1. Create a new project...

Type: Bug

https://blog.reveng.ai/physmem-e-when-kernel-drivers-peek-into-memory/ The driver IOMap64.sys can be exploited by a local administrator to read arbitrary kernel memory. - MD5: 4da690ba853b12927fafd6b6387828cf - SHA1: 849bcfd80ecfe74e5344238d5ea219ee8e2bcf14 - SHA256: e62d0c1353a3d913497e6016d0f48d7cf9ef99e4026b94ccd873d6c7a9a54565 The SHA256 hash provided in...

Hello! Running the command `msldap dnsqueryall` fails with the following error: ```console $ bloodyAD -H 'DC_FQDN' -d 'DOMAIN_FQDN' -u 'USER_NAME' -p 'USER_PASS' msldap dnsqueryall --zone 'DOMAIN_FQDN' Traceback (most recent call...

In the SCCM NAA credential check, the WMI object database file is accessed directly without first making sure that it is accessible. This may result in an unhandled error when...

bug

The TPM checks may fail if the `TpmGetDeviceInformation` doesn't exist. In this case, an unhandled exception is thrown by the script. This exception should be gracefully handled. ```txt ┏━━━━━━━━━━┳━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━┓ ┃...

bug

When enumerating COM classes in the registry, some of them may be registered with a CLSID which does not strictly follow the GUID format. Since it is assumed that they...

bug