milliways-infosec/GreenPlasma
7
0
Fork 0
mirror of https://github.com/Nightmare-Eclipse/GreenPlasma.git synced 2026-05-26 15:30:51 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions

Update README.md

Browse source
This commit is contained in:
Nightmare-Eclipse 2026-05-12 19:36:09 +02:00 committed by GitHub
parent 45b9654955
commit 5445b8eca5
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
1 changed files with 8 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

8
README.md
View file

@ -1,2 +1,10 @@
# GreenPlasma # GreenPlasma
GreenPlasma Windows CTFMON Arbitrary Section Creation Elevation of Privileges Vulnerability GreenPlasma Windows CTFMON Arbitrary Section Creation Elevation of Privileges Vulnerability
For this one, I'm not dropping the full PoC, I stripped off the necessary code for a full SYSTEM shell. This is a huge challenge for CTF lovers out there.
The PoC will create an arbitrary memory section object in any directory object write-able by SYSTEM, if you're smart enough, you can turn this into a full privilege escalation as you can influence the newly created section to manipulate data, lots of services (and even kernel mode drivers) blindly trust certain paths since a standard user is normally not supposed to have write access to them.
Unsure if this works in Windows 10 but it works in Windows 11/2022/2026 for sure.
<img width="1115" height="628" alt="obj" src="https://github.com/user-attachments/assets/3a843a4b-8daf-4fc9-9d95-26f87b67031b" />