Truecrypt 7 Derived Code/Windows: Drive Letter Symbolic Link Creation Privilege Escalation

Posted by deepcore on October 6, 2015 – 8:57 am

The Windows driver used by projects derived from Truecrypt 7 (verified in Veracrypt and CipherShed) are vulnerable to a local elevation of privilege attack by abusing the drive letter symbolic link creation facilities to remap the main system drive. With the system drive remapped it’s trivial to get a new process running under the local system account.

This post is under “exploit” and has no respond so far.
If you enjoy this article, make sure you subscribe to my RSS Feed.

Post a reply

You must be logged in to post a comment.

« Shell Shock Auto Exploitation Script ZTE GPON F427 Authorization Bypass / Cleartext Password Storage »

:: Deepquest ::

This site contains information which could be considered illegal in some countries. It is provided here for educational use only and is not intended to be used for illegal activities.

Truecrypt 7 Derived Code/Windows: Drive Letter Symbolic Link Creation Privilege Escalation

Post a reply

Tabs Switcher

Categories

Archives

Meta

BLOGROLL