{"uuid": "7ea6eae0-79ff-4ea3-afb4-c0b8d7982b81", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-28229", "type": "published-proof-of-concept", "source": "https://t.me/HackerArsenal/202", "content": "\ud83d\udc7b Ghost in the PPL Part 2: From BYOVDLL to Arbitrary Code Execution in LSASS\n\nIn this second installment, the author deepens the exploration of techniques for bypassing LSASS protection, focusing on arbitrary code execution by refining the PoC, exploiting vulnerabilities like CVE-2023-28229, and bypassing Control Flow Guard (CFG) through RPC-based process handle duplication.\n\n\ud83d\udd17 Source:\nhttps://itm4n.github.io/ghost-in-the-ppl-part-2/\n\n#lsa #lsass #ppl #dll #maldev", "creation_timestamp": "2024-08-22T18:04:01.000000Z"}