Menu

Close
  • Home
Subscribe
Menu

got 0day?

This blog will cover my progress on various topics of my security research. I hope this blog will encourage you to do your own research and share it with the world for a better tomorrow.

Scroll Down
Page 1 of 3 Older Posts →

Impersonating Microsoft Support using Quick Assist

TL;DR This vulnerability allows attackers to impersonate Microsoft Support via the built-in remote support tool of Windows 10 named "Quick Assist". Microsoft decided not to »

Nabeel Ahmed Nabeel Ahmed on quick assist, ms support 04 June 2019

DACL Permissions Overwrite Privilege Escalation (CVE-2019-0841)

TL;DR This vulnerability allows low privileged users to hijack file that are owned by NT AUTHORITY\SYSTEM by overwriting permissions on the targeted file. Successful »

Nabeel Ahmed Nabeel Ahmed on Privilege Escalation, CVE-2019-0841, Windows Apps, DACL 09 April 2019

The perfect SSO account takeover with Oracle OAM (CVE-2018-2739)

TL;DR This weakness allows us to bypass the URL filtering on the RH parameter which could be used to hijack the session of any user »

Nabeel Ahmed Nabeel Ahmed on Oracle, OAM, CVE-2018-2739, Oracle Authentication Manager, Session Hijacking, SSODomains 17 April 2018

Windows Remote Assistance XXE vulnerability

Intro Windows Remote Assistance allows someone you trust take over your PC and fix a problem from anywhere around the world. It relies on the Remote »

Nabeel Ahmed Nabeel Ahmed on CVE-2018-0878, XXE, MSRA, MSXML3, XML, Windows Remote Assistance 20 March 2018

SMBv3 Null Pointer Dereference vulnerability (CVE-2018-0833)

Table of contents Intro Root cause analysis Proof-of-Concept Intro Late last year while setting up a fuzzer to target the SMB protocol, I discovered a vulnerability »

Nabeel Ahmed Nabeel Ahmed on Windows, CVE-2018-0833, Denial-of-Service, Microsoft 24 February 2018
Page 1 of 3 Older Posts →
got 0day? © 2020
Proudly published with Ghost