Update README.md

Nightmare-Eclipse 2026-04-16 00:12:53 +02:00 committed by GitHub
parent 173b3eb94d
commit 7456cc8cf0
No known key found for this signature in database
GPG key ID: B5690EEEBB952194

@ -1,2 +1,9 @@
# RedSun
The Red Sun vulnerability repository
Now, normally I would just drop the PoC code and let people figure it out. But I can't for this one, it's way too funny.
When Windows Defender realizes that a malicious file has a cloud tag, for whatever stupid and hilarious reason, the antivirus that's supposed to protect decides that it is a good idea to just rewrite the file it found again to it's original location. The PoC abuses this behaviour to overwrite system files and gain administrative privileges.
I think antimalware products are supposed to remove malicious files not be sure they are there but that's just me.
![BottomText](redsun.jpg)
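
Review bot: The paragraph beginning "When Windows Defender realizes" uses "cloud tag" without defining it and names no affected Windows or Defender versions, so a reader cannot tell which systems the described file rewrite applies to; add a sentence stating both. In the same paragraph, "to it's original location" should read "to its original location", and the image alt text "BottomText" does not describe redsun.jpg.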