Sandboxie vulnerability exploitation(admin->ring0)

Discussion in 'other security issues & news' started by Hungry Man, Dec 14, 2012.

Thread Status:
Not open for further replies.
  1. Hungry Man

    Hungry Man Registered Member

    Joined:
    May 11, 2011
    Posts:
    9,148
    http://www.kernelmode.info/forum/viewtopic.php?f=13&t=2244

    Looks like you need Admin first, so use drop rights.
     
  2. LoneWolf

    LoneWolf Registered Member

    Joined:
    Jan 2, 2006
    Posts:
    3,408
  3. m00nbl00d

    m00nbl00d Registered Member

    Joined:
    Jan 4, 2009
    Posts:
    6,623
    I saw that yesterday, after seeing a mention at Sandboxie's own forum.

    -edit-

    There was something that made me a bit confuse, though. (About how damaging such bug could be.)

    Apparently, Sandboxie's own configuration file needs to be modified... So, without this modification won't work, because the *.dll won' be injected.
     
    Last edited: Dec 14, 2012
Loading...
Thread Status:
Not open for further replies.