The Red Sun vulnerability repository
Nightmare-Eclipse 7456cc8cf0
Update README.md
2026-04-16 00:12:53 +02:00
LICENSE Initial commit 2026-04-15 23:37:07 +02:00
README.md Update README.md 2026-04-16 00:12:53 +02:00
RedSun.cpp Add files via upload 2026-04-15 23:40:26 +02:00
redsun.jpg Add files via upload 2026-04-16 00:06:04 +02:00

RedSun

Now, normally I would just drop the PoC code and let people figure it out. But I can't for this one, it's way too funny. When Windows Defender realizes that a malicious file has a cloud tag, for whatever stupid and hilarious reason, the antivirus that's supposed to protect decides that it is a good idea to just rewrite the file it found again to its original location. The PoC abuses this behaviour to overwrite system files and gain administrative privileges.

I think antimalware products are supposed to remove malicious files, not be sure they are there, but that's just me.

BottomText