Ls-magazine-ls-land-issue-16-daisies-15.525

Let us begin with the suffix: . Long-time readers of LS-Land have debated its meaning for months. Some believe it is a geographic coordinate (15.525° N?), though that falls in the Atlantic Ocean off West Africa. Others suggest a timecode (15 minutes, 52.5 seconds), a chemical compound index, or a nod to a forgotten cathode-ray tube model.

— From the LS-Land Field Notes, entry 15.525 (transcribed from a pressed specimen found between pages 211-212 of a discarded 1973 botany textbook, no author, no key). LS-Magazine-LS-Land-Issue-16-Daisies-15.525

11 comments

  1. Nice write up – where can I get the vulnerable app? I checked IOLO’s website and the exploitdb but I can’t find 5.0.0.136

  3. Hello.
    Thanks for this demonstration!

    I have a question. With this exploit, can we access to the winlogon.exe and open a handle for read and write memory?

    Kind regards,

  5. Why doesn’t it work with csrss.exe?

    pHandle = OpenProcess(PROCESS_VM_READ, 0, 428); //my csrss PID
    printf(“> pHandle: %d || %s\n”, pHandle, pHandle);
    i got: 0 || (null)

  8. The SeDebugPrivilege is already enabled in this exploit, what you can do it use a previous exploit of mine which uses shellcode being injected in the winlogon process.

  11. Thanks! I found with its hex byte ’03 60 22′ in IDA search and reached vulnerable function.

Leave a Reply

Your email address will not be published. Required fields are marked *