Description:
Take 5% off EDR-evading software from Balliskit with promo code FLANG26. Visit https://www.balliskit.com/ for comprehensive evasion tools. For a preview of features in action, view our demo videos at https://vimeo.com/balliskit.
A quick demo of MDSec’s local privilege escalation (CVE-2024-24291), showing how Windows accessibility features can be abused with a symlink and an oplock race to write arbitrary values in the local machine registry hive, then change a service ImagePath to launch a payload as SYSTEM. Bonus BOF release!
Links:
https://www.mdsec.co.uk/2026/03/rip-regpwn/
https://github.com/mdsecactivebreach/RegPwn
https://github.com/Flangvik/RegPwnBOF
Chapters:
00:00 Intro and CVE Overview
00:39 How the Exploit Works
01:38 BOF Port and Demo Setup
02:19 Sponsor and Agent Callback
03:17 Register and Configure BOF
04:49 Trigger Lock Screen Race
05:33 Start Service as SYSTEM
06:26 Wrap Up and Patch Status
If you are planning on purchasing one of the great courses by Zero Point Security, please consider using my affiliate code 1e3cfb, or use this link
https://training.zeropointsecurity.co.uk/?ref=1e3cfb
Join the Flangvik Discord! :)
https://discord.gg/r927C6GBBV
Follow me on Twitter:
https://twitter.com/Flangvik
#cybersecurity #hacking #security #programming #informationsecurity #coding #tech #code #pentest