Author: Owais Mehtab
-
Archive: VMWare Horizon View Client <= 5.4 DLL Hijacking
During one of the pentest assignment i had to perform security assessment for VMWare Horizon View Client, since it’s native windows application the attack vectors are different than normal web apps. I started looking at the memory then traffic then registries found nothing, i was at a total loss…. Fortunately since it’s a native application…
-
Archive: Unquoted Service Path Privilege Escalation
During pentest engagement we often manage to get a shell (usually it’s enough to prove your point) but what if one can truly get a complete hold of system ? So there are tons of privilege escalation techniques out there which includes exploiting kernel level bug, mis-configurations so on and so forth. One of the…