Subscribe via feed.

Windows CreateObjectTask SettingsSyncDiagnostics Privilege Escalation

Posted by deepcore on September 20, 2015 – 6:06 am

The MicrosoftWindowsShellCreateObjectTask initializes a shell32 based ICreateObject COM server as local system. This is marked as being accessible from a normal user account so once created we can attach to it. The server only has one method, CreateObject which checks the CLSID against a list of known safe classes before allowing it to be instantiated. One of these classes is a diagnostic class for setting synchronization implemented in SettingSync.dll.


This post is under “exploit” and has no respond so far.
If you enjoy this article, make sure you subscribe to my RSS Feed.

Post a reply

You must be logged in to post a comment.