A fun little Friday night project porting @AndrewOliveau C# SessionHop code to a BOF. Built off of @tiraniddo session moniker research & @CICADA8Research original IHxHelpPaneServer blog. Enjoy!
https://t.co/QYcsPKaOii
I haven't done malware research (the kind I like) in a long time because I have a newborn. Now that my son is a little older and I have more opportunities I've returned with more focus and silliness.
When reviewing random .DLLs in Windows, I found more silly things.
Nerds abuse cmlua.dll as a UAC bypass. It exposes a COM object called ICMLuaUtil. People then abuse the exposed method ShellExec.
However, for reasons I do not understand (maybe you know?), ICMLuaUtil bypasses UAC, hence any method invoked bypasses UAC. Things you can do:
- ICMLuaUtil CallCustomActionDll
Will arbitrarily execute anything from a DLL and bypass UAC. People have defined this, but have not used it because ???
- ICMLuaUtil CreateFileAndClose
Will create a file and then close the handle. This is very silly because it accepts FILE_FLAG_DELETE_ON_CLOSE in dwFlagsAndAttributes. You can arbitrarily begin deleting files in any directory without a UAC prompt.
- ICMLuaUtil AllowAccessToTheWorld
Changes the security descriptor of the supplied file to give access to all users on the machine...
There is a bunch of stuff here that I don't see nerds abusing because ???
🧵 (6/) Of course, this is not a true bypass, because defenders can also look for other IOCs, like the absence of a DRSReplicaSync call before DRSGetNCChanges, or a replication source IP that mismatches the DC IP, etc., but imho it's a fun case to share 🤪
https://t.co/yumhTivagV
🚀🎮 Introducing Spawn2Pwn - a new feature on RingZer0 CTF! 🌟🔧
Now, members can spawn their own infrastructure for select challenges, creating a private playground for exploration and safe destruction. No worries about affecting others.
More info at https://t.co/siidyw6nZx
Outlook for Windows can be tricked into displaying a fake domain but opening another one. Add a <base> tag with a fake domain + a left-to-right mark (U+200E).
Links in <a> tags will show the fake domain, but open the real domain.
No need to buy .zip! :) Convincing #phishing #redteam
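A defender-side check for the trick described above, added here as an example and not part of the original post: it parses an HTML mail body, flags any <base href> that carries invisible Unicode format characters such as U+200E, and reports absolute links whose host differs from the host the <base> would display. The sample body is constructed for this example and the function names are my own; it does not reproduce Outlook's rendering, it only finds the ingredients the post describes.

```python
import unicodedata
from html.parser import HTMLParser
from urllib.parse import urlsplit


class _LinkCollector(HTMLParser):
    """Collect <base href> and <a href> values from an HTML body."""

    def __init__(self):
        super().__init__()
        self.base_hrefs = []
        self.anchor_hrefs = []

    def handle_starttag(self, tag, attrs):
        href = dict(attrs).get("href")
        if not href:
            return
        if tag == "base":
            self.base_hrefs.append(href)
        elif tag == "a":
            self.anchor_hrefs.append(href)


def invisible_chars(text):
    """Code points in `text` that are Unicode format characters (category Cf),
    e.g. U+200E LEFT-TO-RIGHT MARK: they render as nothing but still change a URL."""
    return [f"U+{ord(c):04X}" for c in text if unicodedata.category(c) == "Cf"]


def host_of(url):
    """Hostname of `url` after stripping format characters, so a domain padded
    with U+200E compares as the domain a reader would actually see."""
    cleaned = "".join(c for c in url if unicodedata.category(c) != "Cf")
    return urlsplit(cleaned).hostname or ""


def analyze_html(body):
    """Return a list of findings for suspicious <base>/<a> combinations."""
    parser = _LinkCollector()
    parser.feed(body)
    findings = []
    for base in parser.base_hrefs:
        hidden = invisible_chars(base)
        if hidden:
            findings.append(f"base href contains invisible characters {hidden}: {base!r}")
        base_host = host_of(base)
        for href in parser.anchor_hrefs:
            link_host = host_of(href)
            # Relative links inherit the base; only absolute links pointing at
            # a different host than the displayed base are interesting.
            if base_host and link_host and link_host != base_host:
                findings.append(
                    f"link host {link_host!r} differs from displayed base host {base_host!r}"
                )
    return findings


# Constructed sample body for this example (hypothetical domains, not a real message).
SAMPLE_BODY = (
    '<html><head><base href="https://trusted.example/\u200e"></head>'
    '<body><a href="https://evil.example/login">Sign in</a>'
    '<a href="/help">Help</a></body></html>'
)

if __name__ == "__main__":
    for finding in analyze_html(SAMPLE_BODY):
        print(finding)
```

Running it on the constructed body yields two findings: the invisible U+200E in the base href, and the "evil.example" link host that does not match the "trusted.example" base. A clean body whose absolute links all share the base host produces none, so the check can sit in a mail-gateway or triage pipeline without flagging ordinary newsletters.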
Achieved first blood jackpotting the ATM at the @NorthSec_io #nsec2023 CTF this weekend! The most insane and thrilling hack I've pulled off at a CTF so far; it certainly caught the eyes of everyone in the room and the event organizers, who described it as "straight out of a movie"!
🔥 WARMUP 2023 💪
All challenges are now released! You have until May 7th to complete them!
All challenges are now available! You have until May 7th to complete them!
👉 https://t.co/37vmO6rJuD
In the depths of Montreal, the greatest cybersecurity experts will gather for NorthSec, where unfathomable secrets will be revealed under the benevolent gaze of the ancient god Cthulhu. Seize this unique chance to dive into the abyssal darkness of the mind.
💡When selecting a Red Team vendor to work with, there are several key attributes to consider. Here are some of the most important factors to keep in mind:
1⃣ Expertise and Experience: Look for a vendor that has a team of highly skilled and experienced Red Team professionals. They should have a strong background in security testing, including penetration testing, vulnerability assessments, and threat modeling. Ideally, they should have experience working in your industry or with similar types of systems.
2⃣ Approach and Methodology: Look for a vendor that has a clearly defined approach and methodology for conducting Red Teaming engagements. They should be able to explain their testing methodology and provide a detailed description of the testing process. They should also be able to customize their approach to meet your specific needs and goals.
3⃣ Tools and Techniques: Look for a vendor that has a broad range of testing tools and techniques at their disposal. They should be able to use both automated and manual testing methods to identify vulnerabilities. They should also have experience with a variety of testing tools, including open source and commercial tools.
4⃣ Reputation and References: Look for a vendor that has a strong reputation in the industry and has positive references from past clients. Ask for references and check them carefully to ensure that the vendor has a track record of delivering high-quality Red Teaming services.
5⃣ Communication and Collaboration: Look for a vendor that is easy to work with and has good communication skills. They should be able to explain their findings and recommendations clearly and be willing to work closely with your team to address any vulnerabilities that are identified.
☑️ By taking these factors into account, you can choose a Red Team vendor that has the expertise, experience, and tools needed to help you identify vulnerabilities and improve your overall security posture.
Last week for our reduced pricing options! #CTF early bird tickets are almost sold out! Grab them fast!
Ticket includes:
📣: amazing content (talks, soldering, villages)
🏁: flags
🔋: hardware badge, t-shirt
🍻: free drinks, incl. coffee and non-alcoholic options
https://t.co/mOVIQn5FxB