Thread: Windows ALPC Zero-Day Exploit on github
View Single Post
  #9  
Old 06-08-2019, 15:42
Fyyre's Avatar
Fyyre Fyyre is offline
Fyyre
  
Join Date: Dec 2009
Location: 0°N 0°E / 0°N 0°E / 0; 0
Posts: 260
Rept. Given: 77
Rept. Rcvd 85 Times in 38 Posts
Thanks Given: 147
Thanks Rcvd at 336 Times in 114 Posts
Fyyre Reputation: 85
Quote:
Originally Posted by argie View Post
Yep, that was my conclusion also. Very intelligent and VERY well versed in inner workings of Windows because these exploits are not simple but also either emo or fighting some real depression...
From my personal experience, very intelligent people are seldom 'normal'. I think she is very bright... but yes, probably depressed, feels out of place and this allows her to feel some kind of power, or temporary boost from that depression. It's hard to analyze someone. I just remember my own teenage years being hell =)

Quote:
Originally Posted by argie View Post
APLC is still up. tasksche impersonation LPE and win32k.sys race condition LPE are removed. I searched the net (by filenames) but didn't have much luck. I guess VT-I has it at least.
I think you want this one? If is the wrong one, let me know, will hunt it down.

sandboxescaperdemo-master.zip

Here is the one from original post, as the link was dead: PoC-LPE.rar

Quote:
Originally Posted by argie View Post
And also she said MANY times she was low on money. These exploits she is doing are worth like 25k+ Maybe up to 100k. Weird.
If she is depressed, or has bipolar type mood swings -- the illogical act of just releasing, kind of explains that. Again, I don't want to try and diagnosis her from afar.

Quote:
Originally Posted by argie View Post
Well I agree. Lots of various source code flying around that is useful for malware or other malicious things but many of the authors didnt intend it that way.
I'm 99% sure some of my initial PatchGuard and Driver signing disablement work contributed to some of the earlier bootkits for x64 Windows. That was never my intention, I just was looking for something to do when I started on PatchGuard.

Quote:
Originally Posted by argie View Post
This was quite malicious. Leaving people vulnerable once, then do it again...
Not that subtle.

I won't and am in no position to judge anyone. I can "understand" the 1st one but after that MANY people came to her and tried to convice her to go to proper channels of disclosure. But then (after a while) came 2 more and who knows what else what she left private.
People still tried to help but as said earlier she mostly steered the conversations into health and general RL stuff.
I never really considered the full implications of her actions, but yea.. you are correct; once is something. Twice is something else.

-Fyyre
__________________
Best Wishes,

Fyyre

--

https://github.com/Fyyre
Reply With Quote
The Following 2 Users Say Thank You to Fyyre For This Useful Post:
Indigo (07-19-2019), niculaita (06-09-2019)