Back to directory
WRITEUP #4471

One Click to Compromise -- Fun With ClickOnce Deployment Manifests

OtherNTLMv2 hash disclosureOne-click execution of arbitrary .Net assembliesWindows
by@G0ldenGunSec(Dave Cossa)
Program
Microsoft
Published
Jul 30, 2020
Added to HackDex
Sep 15, 2022
Read Full Writeuphttp://blog.redxorblue.com/2020/07/one-click-to-compromise-fun-with.html
RELATED WRITEUPS
Data Theft in Salesforce: Manipulating Public Links
OtherSOQL injection
When Certificates Fail: A Story of Bypassed MFA in Remote Access
Other2FA / MFA bypass
SSTI in Bug Bounty Program: The Time I Played with Handlebars and Broke Stuff
OtherSSTI
Ghost In The Ppl Part 1: Byovdll
OtherUse-After-Free
Part 2: From Byovdll To Arbitrary Code Execution In Lsass
OtherUse-After-Free

Built with ❤️ by Shubham Rawat