"> = 128gb ) set directory = \? \ globalroot \ device \ harddiskvolumeshadowcopy5 \ windows \ system32 \ config $ directory = “ \? \ globalroot \ device \ harddiskvolumeshadowcopy5 \ windows \ system32 \ config ” : : point mimikatz at the vss backups and filter for the administrat…"
Which technique(s) should be tagged here? Pick zero or more — leaving blank just records that the original was wrong.
No matches for .
Loading techniques…
T1569.002Service Execution
77%
"is not a defense here, or in general https : / / amsi. fail / set - executionpolicy bypass - scope process - force ; [ system. net. servicepointmanager ] : : securityprotocol = [ system. net. servicepointmanager ] : : securityprotocol - bor 3072 ; iex ( ( new - object system. net…"
Which technique(s) should be tagged here? Pick zero or more — leaving blank just records that the original was wrong.
No matches for .
Loading techniques…
T1003.002Security Account Manager
76%
"what to know about microsoft ’ s registry hive flaw : # serioussam what to know about microsoft ’ s registry hive flaw : # serioussam # hivenightmare / # lolwut jeff mcjunkin * / / what is it? tl ; dr — unpatched privilege escalation in windows 10 in nearly all supported builds. …"
Which technique(s) should be tagged here? Pick zero or more — leaving blank just records that the original was wrong.
Which technique(s) should be tagged here? Pick zero or more — leaving blank just records that the original was wrong.
No matches for .
Loading techniques…
Summary
#hivenightmare / #lolwut Jeff McJunkin* // What is it? tl;dr — Unpatched privilege escalation in Windows 10 in nearly all supported builds. The vulnerability (CVE-2021–36934) allows an attacker with limited […]
