Search the Community
Showing results for tags 'object'.
-
WinObjEx64 is an advanced utility that lets you explore the Windows Object Manager namespace. For certain object types, you can double-click on it or use the “Properties…” toolbar button to get more information, such as description, attributes, resource usage etc. It let you view and edit object-related security information if you have required access rights. [hide][Hidden Content]]
-
- winobjex64
- v2.0
- (and 4 more)
-
WinObjEx64 is an advanced utility that lets you explore the Windows Object Manager namespace. For certain object types, you can double-click on it or use the “Properties…” toolbar button to get more information, such as description, attributes, resource usage etc. It let you view and edit object-related security information if you have required access rights. System Requirements WinObjEx64 does not require administrative privileges. However administrative privilege is required to view much of the namespace and to edit object-related security information. It works only on the following x64 Windows: Windows 7, Windows 8, Windows 8.1 and Windows 10 (TH1, TH2, RS1, RS2), including Server variants. WinObjEx64 does not work on Windows XP, Windows Vista is partially supported and has no plans for their full support. In order to use all program features Windows must be booted in the DEBUG mode. Changelog v1.9.3 updated SeCiCallbacks search for newest Windows versions added Windows Server 2022 support fix win32k ApiSet resolving for Win10 21H2 fix ObCallbacks enumeration issues support for various kernel driver helpers ported to msvc 2022 (with backward compatibility to 2019) bugfixes rtls updated [hide][Hidden Content]]
-
- 1
-
- winobjex64
- v1.9.3
- (and 4 more)
-
WinObjEx64 is an advanced utility that lets you explore the Windows Object Manager namespace. For certain object types, you can double-click on it or use the “Properties…” toolbar button to get more information, such as description, attributes, resource usage etc. It let you view and edit object-related security information if you have required access rights. System Requirements WinObjEx64 does not require administrative privileges. However administrative privilege is required to view much of the namespace and to edit object-related security information. It works only on the following x64 Windows: Windows 7, Windows 8, Windows 8.1 and Windows 10 (TH1, TH2, RS1, RS2), including Server variants. WinObjEx64 does not work on Windows XP, Windows Vista is partially supported and has no plans for their full support. In order to use all program features Windows must be booted in the DEBUG mode. Changelog v1.9.2 more Win10/11 21h2 compatibility changes added FLT_FILTER, FLT_OBJECT structured dump added authenticode hash calculation for loaded drivers (extras->Drivers, use popup menu on driver entry) added coalescing callbacks to callbacks list various minor UI changes fix misbehavior with recent wine staging 6.x internal rearrange rtls updated [hide][Hidden Content]]
-
- 3
-
- winobjex64
- v1.9.2
- (and 4 more)
-
WinObjEx64 is an advanced utility that lets you explore the Windows Object Manager namespace. For certain object types, you can double-click on it or use the “Properties…” toolbar button to get more information, such as description, attributes, resource usage etc. It let you view and edit object-related security information if you have required access rights. System Requirements WinObjEx64 does not require administrative privileges. However administrative privilege is required to view much of the namespace and to edit object-related security information. It works only on the following x64 Windows: Windows 7, Windows 8, Windows 8.1 and Windows 10 (TH1, TH2, RS1, RS2), including Server variants. WinObjEx64 does not work on Windows XP, Windows Vista is partially supported and has no plans for their full support. In order to use all program features Windows must be booted in the DEBUG mode. Changelog v1.9.1 21h2 compatibility improvements rtls updated [hide][Hidden Content]]
-
- winobjex64
- v1.9.1
- (and 4 more)
-
WinObjEx64 is an advanced utility that lets you explore the Windows Object Manager namespace. For certain object types, you can double-click on it or use the “Properties…” toolbar button to get more information, such as description, attributes, resource usage etc. It let you view and edit object-related security information if you have required access rights. Changelog v1.9 added Section object structured dump added ALPC port connections list (similar to !alpc /lpc windbg command) added MmUnloadedDrivers list added ExCreateCallback list to the callbacks list (PR #26) updated ApiSet plugin now support in place search filter internal rearrange [hide][Hidden Content]]
-
- winobjex64
- v1.9
- (and 4 more)
-
WinObjEx64 is an advanced utility that lets you explore the Windows Object Manager namespace. For certain object types, you can double-click on it or use the “Properties…” toolbar button to get more information, such as description, attributes, resource usage etc. It let you view and edit object-related security information if you have required access rights. System Requirements WinObjEx64 does not require administrative privileges. However administrative privilege is required to view much of the namespace and to edit object-related security information. It works only on the following x64 Windows: Windows 7, Windows 8, Windows 8.1 and Windows 10 (TH1, TH2, RS1, RS2), including Server variants. WinObjEx64 does not work on Windows XP, Windows Vista is partially supported and has no plans for their full support. In order to use all program features Windows must be booted in the DEBUG mode. Changelog v1.8.8 internal rearrange view security for ALPC ports (most of them) security descriptor view dialog (object SID, DACL & SACL) fix #24 (SCM services list query) fix #25 (jump to file may fail under certain conditions) various minor UI changes 21h1 compatibility improvements [hide][Hidden Content]]
-
- winobjex64
- v1.8.8
- (and 4 more)
-
WinObjEx64 is an advanced utility that lets you explore the Windows Object Manager namespace. For certain object types, you can double-click on it or use the “Properties…” toolbar button to get more information, such as description, attributes, resource usage etc. It let you view and edit object-related security information if you have required access rights. System Requirements WinObjEx64 does not require administrative privileges. However administrative privilege is required to view much of the namespace and to edit object-related security information. It works only on the following x64 Windows: Windows 7, Windows 8, Windows 8.1 and Windows 10 (TH1, TH2, RS1, RS2), including Server variants. WinObjEx64 does not work on Windows XP, Windows Vista is partially supported and has no plans for their full support. In order to use all program features Windows must be booted in the DEBUG mode. Changelog v1.8.7 01 August 2020 20h1/20h2/21h1 compatibility improvements added recognizing of shimmed drivers for drivers list (win10+) show process trust label for sections if it present plugins system extended and upgraded to support context plugins added imagescope plugin for section object types backed by imagefile added plugins viewer various minor changes treelist: fix tooltips flickering on Windows 7 [hide][Hidden Content]]
-
SugarCRM versions 9.0.1 and below suffer from multiple php object injection vulnerabilities. View the full article
-
Exploits NSKeyedUnarchiver ObjC Object Use-After-Free
1337day-Exploits posted a topic in Updated Exploits
NSKeyedUnarchiver suffers from a use-after-free vulnerability with ObjC objects when unarchiving OITSUIntDictionary instances even if secureCoding is required. View the full article-
- nskeyedunarchiver
- objc
-
(and 2 more)
Tagged with:
-
Linux suffers from broken permission and object lifetime handling for PTRACE_TRACEME. View the full article
-
- linux
- ptrace_traceme
-
(and 5 more)
Tagged with:
-
Exploits Safari Webkit Proxy Object Type Confusion
1337day-Exploits posted a topic in Updated Exploits
This Metasploit module exploits a type confusion bug in the Javascript Proxy object in WebKit. The DFG JIT does not take into account that, through the use of a Proxy, it is possible to run arbitrary JS code during the execution of a CreateThis operation. This makes it possible to change the structure of e.g. an argument without causing a bailout, leading to a type confusion (CVE-2018-4233). The type confusion leads to the ability to allocate fake Javascript objects, as well as the ability to find the address in memory of a Javascript object. This allows us to construct a fake JSCell object that can be used to read and write arbitrary memory from Javascript. The module then uses a ROP chain to write the first stage shellcode into executable memory within the Safari process and kick off its execution. The first stage maps the second stage macho (containing CVE-2017-13861) into executable memory, and jumps to its entrypoint. The CVE-2017-13861 async_wake exploit leads to a kernel task port (TFP0) that can read and write arbitrary kernel memory. The processes credential and sandbox structure in the kernel is overwritten and the meterpreter payloads code signature hash is added to the kernels trust cache, allowing Safari to load and execute the (self-signed) meterpreter payload. View the full article -
This Metasploit module exploits a php object instantiation vulnerability that can lead to remote code execution in Shopware. An authenticated backend user could exploit the vulnerability. The vulnerability exists in the createInstanceFromNamedArguments function, where the code insufficiently performs whitelist check which can be bypassed to trigger an object injection. An attacker can leverage this to deserialize an arbitrary payload and write a webshell to the target system, resulting in remote code execution. Tested on Shopware git branches 5.6, 5.5, 5.4, 5.3. View the full article
-
- shopware
- createinstancefromnamedarguments
-
(and 3 more)
Tagged with:
-
Exploits Chrome ReadableStream Internal Object Leak
1337day-Exploits posted a topic in Updated Exploits
Chrome suffers from an internal object leak vulnerability in ReadableStream. View the full article-
- chrome
- readablestream
-
(and 3 more)
Tagged with:
-
PEAR Archive_Tar versions prior to 1.4.4 suffers from a php object injection vulnerability. View the full article
-
- pear
- archive_tar
-
(and 3 more)
Tagged with:
-
This Metasploit module exploits a type confusion bug in the Javascript Proxy object in WebKit. The DFG JIT does not take into account that, through the use of a Proxy, it is possible to run arbitrary JS code during the execution of a CreateThis operation. This makes it possible to change the structure of e.g. an argument without causing a bailout, leading to a type confusion. View the full article
-
WebKit JIT int32/double arrays can have proxy objects in the prototype chains. View the full article