Created
September 19, 2020 11:40
-
-
Save ffcommax/39f37d53bb86897b2f647c73e1b050cd to your computer and use it in GitHub Desktop.
CloudExperienceHost
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| CloudExperienceHost | |
| https://bugs.chromium.org/p/project-zero/issues/detail?id=2051 | |
| Proof of Concept: | |
| I’ve provided a PoC as a C# project. It’ll create the admin Retail Demo User which will be an administrator. It doesn’t attempt to use the user afterwards though, but you can clearly see that it has been added. If you really want to test it then just logout and log back in as the new user. | |
| 1) Compile the C# project. | |
| 2) Run the PoC as a normal user. | |
| 3) Check members of the Administrators group. | |
| Expected Result: | |
| Fails to access the SYSTEM COM server. | |
| poc.zip | |
| https://bugs.chromium.org/p/project-zero/issues/attachment?aid=449687&signed_aid=Zh89DlsWY5cj_V-HXxphCQ== |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment