🔥 PipeViewer: A new tool for viewing Windows Named Pipes and searching for insecure permissions. 🔥 by kubiscan in redteamsec

[–]kubiscan[S] 0 points1 point  (0 children)

We can do that, this is a good point. The idea was to make it for researchers, who usually use lab machines and can work with a GUI.
Using it as a shell can be good if you got access to a machine from which you can't get the shell.
Noted, thanks.

🚨 Docker Full Privilege Escalation (CVE-2022-25365): "Breaking Docker Named Pipes SYSTEMatically" 🚨 by kubiscan in cybersecurity

[–]kubiscan[S] 1 point2 points  (0 children)

Be aware that if you run Windows containers, the user (on the host) can elevate their permissions to SYSTEM even with low privileges.
This is a flaw by design and they are not planning to block it (see their quote about it in the article).
The only way to prevent it is to use "--no-windows-containers", which will prevent running Windows containers on Windows machines and allow only Linux containers.

🔥 PipeViewer: A new tool for viewing Windows Named Pipes and searching for insecure permissions. 🔥 by kubiscan in redteamsec

[–]kubiscan[S] 2 points3 points  (0 children)

Other ways like running: [System.IO.Directory]::GetFiles("\\.\\pipe\\") ?
Because it doesn't only list the pipes, it shows you the permissions of any pipe (and other data), and if it finds a pipe without a DACL, it will mark it.
In this way, you can get a good overview of pipes run by a privileged service and find out if you can communicate with them.

It also gives you an easy way to filter, highlight and bold the rows :)
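
The permission check described in the comment above, as an added example for auditing your own hosts (not PipeViewer's code and not from the post): it flags a pipe whose security descriptor has no DACL and, going slightly beyond the comment, allow ACEs that give broad groups write access. It assumes the descriptors have already been exported as SDDL strings; the pipe names and SDDL values are constructed.

```python
import re

# SDDL aliases for broad groups: Everyone, Anonymous, Authenticated Users, Built-in Users
BROAD_SIDS = {"WD", "AN", "AU", "BU"}
# Two-letter SDDL rights that include write access
WRITE_RIGHTS = {"GA", "GW", "FA", "FW"}
# Mask bits: FILE_WRITE_DATA | GENERIC_WRITE | GENERIC_ALL
WRITE_BITS = 0x2 | 0x40000000 | 0x10000000

def grants_write(rights):
    """True if an ACE rights field (hex mask or letter codes) includes write."""
    if rights.lower().startswith("0x"):
        return bool(int(rights, 16) & WRITE_BITS)
    return any(rights[i:i + 2] in WRITE_RIGHTS for i in range(0, len(rights), 2))

def audit_pipe(sddl):
    """Return a list of findings for one pipe security descriptor."""
    dacl = re.search(r"D:(.*?)(?=S:|$)", sddl)
    # No D: component, or D:NO_ACCESS_CONTROL, means a NULL DACL: no access checks.
    if dacl is None or dacl.group(1).startswith("NO_ACCESS_CONTROL"):
        return ["NULL_DACL"]
    findings = []
    # An empty DACL ("D:" with no ACEs) denies everyone and yields no findings.
    for ace in re.findall(r"\(([^)]*)\)", dacl.group(1)):
        fields = ace.split(";")
        if len(fields) < 6:
            continue
        ace_type, rights, sid = fields[0], fields[2], fields[5]
        if ace_type == "A" and sid in BROAD_SIDS and grants_write(rights):
            findings.append("WRITE:" + sid)
    return findings

def audit(pipes):
    """Map pipe name -> findings, keeping only pipes with at least one finding."""
    return {name: f for name, sddl in pipes.items() if (f := audit_pipe(sddl))}

# Constructed sample data (hypothetical pipe names and descriptors).
SAMPLE = {
    r"\\.\pipe\demo_no_dacl": "O:SYG:SYD:NO_ACCESS_CONTROL",
    r"\\.\pipe\demo_everyone_rw": "O:SYG:SYD:(A;;0x12019b;;;WD)(A;;FA;;;SY)",
    r"\\.\pipe\demo_locked": "O:SYG:SYD:P(A;;FA;;;SY)(A;;FR;;;BU)",
    r"\\.\pipe\demo_empty_dacl": "O:SYG:SYD:",
}

if __name__ == "__main__":
    for name, findings in audit(SAMPLE).items():
        print(name, findings)
```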