Magnifier0day Save

Windows 10 Privilege Escalation (magnifier.exe) via Dll Search Order Hijacking

Project README

magnifier0day

Windows 10 Privilege Escalation (magnify.exe) via Dll Search Order Hijacking

can exploit every windows which installed intel Driver.

Some of the ppl will say this is not vuln because of default system paths %path% but most of the user have the user writeable path in SYSTEM %PATH% then we can exploit it.

steps:

  1. copy payload dll as igdgmm64.dll to SYSTEM path %PATH% which is writeable such as C:\python27
  2. Press WinKey+L
  3. Press Enter
  4. Press WinKey++(plusKey) on login screen which show password box.
    then payload dll will execute as SYSTEM access.

or
WinKey+L (LogonUI) -> Ease of Access - > Magnifier -> login.
payload will execute as SYSTEM

Noted: Use this for finding paths

https://github.com/sailay1996/awesome_windows_logical_bugs/blob/master/find_dir4_privEsc_dll_hijack.txt

test1

@404death

Open Source Agenda is not affiliated with "Magnifier0day" Project. README Source: sailay1996/magnifier0day
Stars
137
Open Issues
0
Last Commit
3 years ago
Repository
sailay1996/magnifier0day
Tags
Dll Hijacking Magnifier Windows Exploitation Windows Privilege Escalation

Open Source Agenda Badge

Open Source Agenda Rating
Submit Review Review Your Favorite Project
Submit Resource Articles, Courses, Videos
Submit Article Submit a post to our blog

From the blog

Dec 11, 2022

How to Choose Which Programming Language to Learn First?

From the blog

Dec 11, 2022

How to Choose Which Programming Language to Learn First?