Comments (11)
k4nfr3
commented on June 11, 2024
2
Confirm too. It worked before applying the security update last night, and no longer today (Win10).
Looks like a quick and dirty fix
from ctftool.
JoeDibley
commented on June 11, 2024
1
Can confirm this is the August Security Update
from ctftool.
taviso
commented on June 11, 2024
1
I'm told there are more changes planned for next Patch Tuesday to address the edit session attacks, so I'm reluctant to do too much work on this until the new patches are released. I guess we'll see what happens!
from ctftool.
ustayready
commented on June 11, 2024
1
I went ahead and looked into the MSU, looks like the only ALPC changes I found were in CoreMessaging.dll so I diff'd pre-August vs. August. Two partial matches:
Microsoft::CoreUI::Registrar::ServerConversationOperations::RegisterConversation
Microsoft::CoreUI::Registrar::RegistrarServerCaller::LocalClientDisconnected_MessageCall
Figured I'd at least update this issue with some notes in case it becomes useful.
from ctftool.
taviso
commented on June 11, 2024
What OS is this on? 0xc0000041 is STATUS_PORT_CONNECTION_REFUSED, it might be caused by the recent changes Microsoft made if you applied the August security patches.
I haven't had time to understand the recent changes yet, but will support it soon! I think Microsoft changed the size of the connection message, so it no longer matches.
from ctftool.
ivanquin33
commented on June 11, 2024
I had the same problem "Failed to send message to server, giving up, 0xc0000024" running the ctftool.exe with non-admin account on a Windows 7 x64 VM with no updates at all.
from ctftool.
ibrasec
commented on June 11, 2024
same issue here, although no updates done to win7, but the exploit didn't sucess, instead the user just logged out untill he pass the authentication. this message keep appearing "Failed to send message to server, giving up, 0xc0000024"
from ctftool.
ingm4r
commented on June 11, 2024
Any news on this?
from ctftool.
ustayready
commented on June 11, 2024
Anyone diff the August Security Update yet to see what changed? If I get some time this weekend, I'll see what I can find.
from ctftool.
ustayready
commented on June 11, 2024
That makes sense. I appreciate the heads up, I may stand down until after Tuesday too.
from ctftool.
Ziowebbo
commented on June 11, 2024
I'm told there are more changes planned for next Patch Tuesday to address the edit session attacks, so I'm reluctant to do too much work on this until the new patches are released. I guess we'll see what happens!
any update on this after many months? :)
from ctftool.
Related Issues (17)
- handle unwritable temp dir HOT 5
- found a bug with the exploit. HOT 2
- rc print HOT 1
- No Exe found... HOT 2
- References to c:\WINDOWS\TEMP\ still exist in release HOT 1
- No cmd spawned on Win 10 Enterprise 1809 HOT 13
- No code execution - MSVCP140.dll HOT 8
- Unable to find and test ctftool.exe HOT 3
- [Not Bug] Windows Server 20xx HOT 1
- logonui script gives a blank(black screen) and does not spawn cmd.exe HOT 3
- Triggering UAC but then erroring out and not going forward. HOT 2
- cmd not spawned in win 10 1803 HOT 4
- failed to send message to server, giving up, 0xc0000041 HOT 5
- Sorry, I don't recognise stub 0 for thread 10468
- Snapchat password HOT 1
- sendinput
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from ctftool.