April 2016 – Will Genovese

POC for MS16-042 Excel Heap Exploit

By illwill | April 14, 2016 - 2:15 am |April 14, 2016 Exploits

Leave a comment

A new heap memory corruption (Out-of-Bounds Read) that affects Microsoft Office Excel 2007,2010,2013 and 2016. This vulnerability could allow remote code execution if a user opens a specially crafted Microsoft Office Excel file (.xlsm).
Advisory & POC

Windows 10 RS1 14316

By illwill | April 10, 2016 - 4:45 pm |April 10, 2016 Privilege Escalation

Leave a comment

The build brings new changes targeting previously exploited dll-hijacking and uac bypass method vulnerabilities.

cliconfg.exe – can no longer be used as target for autoelevation as MS changed it manifest to autoelevate=false.

mmc.exe – event viewer console fixed, dll hijacking no longer works.

fake IIS inetmgr.exe launch from inetsrv appinfo hardcoded directory fixed too – Windows will not allow you to run & autoelevate anything except legit InetMgr.exe from system32inetsrv directory.

Bypasses alot of the methods used by UACme that is posted in my ::Wiki::

Modding A Tower Pro Micro Servo To Rotate 360 Degrees

By illwill | April 4, 2016 - 10:58 pm |February 10, 2017 Arduino, Projects

Leave a comment

For one of my old projects last year, I need mod a micro servo to rotate continuously 360 degrees for a small robot tank, this hack will work with just about any servo. To do so you need to for open up the servo casing. Carefully remove the bottom portion first (where the wires are coming out of).

Continue reading →