I hereby claim:
- I am voidsec on github.
- I am voidsec (https://keybase.io/voidsec) on keybase.
- I have a public key ASAAkzkIA7goEHg_eaBkkY7Su27pQuYRf-NtZkQbBID1uAo
To claim this, I am signing this object:
### Keybase proof
I hereby claim:
* I am VoidSec on github.
* I am voidsec (https://keybase.io/voidsec) on keybase.
* I have a public key whose fingerprint is 4ACF D42C C873 B737 114B DB7A 9A3A DBB7 EB98 B63E
To claim this, I am signing this object:
/*
Full title: VirIT Explorer Lite & Pro v.8.1.68 Local Privilege Escalation (System)/Arbitrary Code Execution
Exploit Author: Paolo Stagno - voidsec@voidsec.com
Vendor Homepage: http://www.tgsoft.it
Version: VirIT Explorer Lite & Pro v.8.1.68
Tested on: Windows 7
CVE: TBD
CVSS v2: 6.8 (AV:L/AC:L/Au:S/C:C/I:C/A:C/E:H/RL:U/RC:C) - https://nvd.nist.gov/cvss.cfm?calculator&version=2&vector=%28AV:L/AC:L/Au:S/C:C/I:C/A:C/E:H/RL:U/RC:C%29
Category: local exploits
Platform: windows
# Updated on 29/01/2021
# IOCs from Google TAG https://blog.google/threat-analysis-group/new-campaign-targeting-security-researchers/
# IOCs from Microsoft MSTIC https://www.microsoft.com/security/blog/2021/01/28/zinc-attacks-against-security-researchers/
# Checks the registry; on a host that is not compromised, each query returns "ERROR: The system was unable to find the specified registry key or value."
reg query "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\KernelConfig"
reg query "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\DriverConfig"
reg query "HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\SSL Update"
# Checks the following paths; on a host that is not compromised, each test returns false
# http://docs.python-requests.org/en/master/api/
import requests
class RequestsApi:
    def __init__(self, base_url, **kwargs):
        self.base_url = base_url
        self.session = requests.Session()
        # dict-valued kwargs (e.g. headers) are merged into the session defaults; others replace them
        for arg in kwargs:
            if isinstance(kwargs[arg], dict):
                kwargs[arg] = self.__deep_merge(getattr(self.session, arg), kwargs[arg])
            setattr(self.session, arg, kwargs[arg])
    def __deep_merge(self, source, destination):
        # recursively merge `destination` into `source` and return the merged mapping
        for key, value in destination.items():
            if isinstance(value, dict):
                source[key] = self.__deep_merge(source.get(key, {}), value)
            else:
                source[key] = value
        return source