06/06/2017 (Tue) 23:22:14
at least he posted the original link. half the archive.is using fuckers just post a shortlink. Archive.is can even use long links like what >>7259 posted. But yeah they need to get rid of cuntflare (maybe switch to a real anti-ddos solution, and save half their money) so their service can actually be useful.
>>7246
This isn't even a problem for most users since they already run everything as the same user, in which case we can just use WriteProcessMemory and CreateRemoteThread for the same functionality (or one of the million other ways to do the same thing). BTW this situation is no different than Linux or any other mainstream OS.
Firstly the article is completely retarded, so let's talk about the actual "disclosure" instead:
http://blog.ensilo.com/atombombing-a-code-injection-that-bypasses-current-security-solutions
>Heading picture leet-haxor.jpg
>script kiddie trash detected
>no actual disclosure
>no CVE
>Any kind of decent application level firewall installed on the computer would block that executable’s communication.
Well no, there are millions of ways to communicate with the rest of the OS and you cannot enumerate them all, and even if you did, it would mean your stupid Application Firewall gives obscure meaningless warnings (with a 99.999% false positive rate) for every possible action a program takes. This reminds me of Comodo's Application Firewall crap, which did exactly this.
>Threat actors! threat actors!!!!