Mirrors/hacktricks
2
0
Fork 0
mirror of https://github.com/carlospolop/hacktricks synced 2024-11-15 01:17:36 +00:00
Code Issues Projects Releases Packages Wiki Activity

GitBook: [master] 2 pages modified

Browse source
This commit is contained in:
CPol 2020-10-13 09:37:31 +00:00 committed by gitbook-bot
parent 40606fb77c
commit b96669945e
No known key found for this signature in database
GPG key ID: 07D2180C7B12D0FF
2 changed files with 4 additions and 2 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

4
windows/windows-local-privilege-escalation/README.md
View file

@ -176,7 +176,9 @@ And if `HKLM\Software\Policies\Microsoft\Windows\WindowsUpdate\AU /v UseWUServer
Then, **it is exploitable.** If the last registry is equals to 0, then, the WSUS entry will be ignored.
You can use: [Wsuxploit](https://github.com/pimps/wsuxploit) - This is a MiTM weaponized exploit script to inject 'fake' updates into non-SSL WSUS traffic.
In orther to exploit this vulnerabilities you can use tools like: **Wsuspicious**, [Wsuxploit](https://github.com/pimps/wsuxploit), [pyWSUS ](https://github.com/GoSecure/pywsus)- These are MiTM weaponized exploits scripts to inject 'fake' updates into non-SSL WSUS traffic.
You can read here the [research of **WSUS CVE-2020-1013**](https://www.gosecure.net/blog/2020/09/08/wsus-attacks-part-2-cve-2020-1013-a-windows-10-local-privilege-escalation-1-day/) and the **first one donde here:**
{% file src="../../.gitbook/assets/ctx\_wsuspect\_white\_paper \(1\).pdf" %}