WerTrigger Save

Weaponizing for privileged file writes bugs with windows problem reporting

Project README

WerTrigger

Weaponizing for privileged file writes bugs with windows problem reporting

Short Description:

I've found phoneinfo.dll (which is missing in system32 dir) has been loaded by wermgr.exe (windows problem reporting) when I enable boot logging in Procmon. It mean, phoneinfo.dll is loaded after reboot. Then, I asked to @jonasLyk that can I trigger to load phoneinfo.dll without reboot and he said "yes!". And then, This trigger was happened.

Note:

you can also use @it4man's UsoDllLoader as a weapon for privileged file writes bugs and also there's another techniques at here FileWrite2system

For testing purposes:

As an administrator, copy phoneinfo.dll to C:\Windows\System32\
Place Report.wer file and WerTrigger.exe in a same directory.
Then, run WerTrigger.exe.
Enjoy a shell as NT AUTHORITY\SYSTEM.

test1

by @404death

Thanks to: @jonasLyk for giving advice which is without reboot technique

Open Source Agenda is not affiliated with "WerTrigger" Project. README Source: sailay1996/WerTrigger

Stars

170

Open Issues

Last Commit

1 year ago

Repository

sailay1996/WerTrigger

Open Source Agenda Badge

<a href="https://www.opensourceagenda.com/projects/wertrigger"><img src="https://www.opensourceagenda.com/projects/wertrigger/reviews/badge.svg" alt="Open Source Agenda"></a>

Submit Review Review Your Favorite Project

Submit Resource Articles, Courses, Videos

Submit Article Submit a post to our blog

From the blog

Dec 11, 2022

How to Choose Which Programming Language to Learn First?

From the blog

Dec 11, 2022