Info Sec & Developers Blog

Dear all, This article is related to windows 7 Escalation of Privilege which was identified by Zero Day Initiative (Article link ) Here is the short version of how to escalate the Privilege if your windows 7 is not updated in/after Nov 2019. 1st you have to download an application which is signed by old Microsoft  certificate. Right click on it and go to properties and click on UNLOCK button. Right click on the application and run as administrator. UAC box will appear. Click on Show details, it will show you a Hyper Link, click on it. Certificate popup box will appear, there will be hyper link in front of ISSUED By row. Click it and it will open IE running as system privileges, close the all popup boxes. and open the minimized IE. Click on setting buttons and click on Save AS from there you can go to windows/system32 directory and run a CMD. Exploitation Video is below: https://www.youtube.com/watch?v=3BQKpPNlTSo Also below are the links of Old signed "Micros

Dear Reader, Today while testing for a website I changed my Firefox proxy setting to burp-suite proxy and completed the testing, now when I revert back the normal proxy settings/system proxy. The websites like google and other HTTPS base websites started showing my HSTS error due to our organization's self signed certificate. If you are facing same error below are the steps to follow: Close all tabs in Firefox. Go to proxy setting in Firefox and set your manual proxy or select proxy system proxy. Note that if you select system proxy, you have to set proxy in internet explorer . Once everything done, Open New Tab and type this and hit enter about:config It will show you an alert and click i accept s It will open a page, on top of that page there will be a search bar, in that search bar copy paste this: security.enterprise_roots.enabled The search bar will show you the value, double click on that value and its value will be changed true.  Close your browser and open it ag