As part of my “research” I created a tool called “Get-Writable” that will search for .exe and .dll files that are world writable. You pass Get-Writable a directory path, and it will recursively look through every directory to find files. I had Get-Writable start at the “C:\” root to try to find all writable .exe files…
All posts in April 2020
Unprivileged User Persistence with Zoom
*** UPDATE: It looks like the most recent version of Zoom has fixed the issue of loading an unsigned DllSafeCheck.dll. This persistence technique no longer works. Thank you to @LadhaAleem for bringing this to my attention. See the Patching Zoom.exe section for details on how this can be bypassed. Zoom has been in security news…