by brl 5750 days ago
"It always follows the same pattern of arm waving and press releases, with a promised demonstration, and then the day of reckoning comes and...quiet."

A few minutes ago, live on stage at a security conference in Buenos Aires (#ekoparty) they popped local SYSTEM privileges remotely on both DotNetNuke and SharePoint installed in a typical production configuration.

In case you think they stacked the deck, those applications were chosen only a couple of days ago after Juliano asked on Twitter for suggestions for the presentation.

1 comments

What do you mean by "local SYSTEM"?

I eagerly look forward to details on it. Where might I find them?

> What do you mean by "local SYSTEM"?

The highest system privilege level on Windows. They were able to interactively run CMD.EXE as the LocalSystem account on the remote web server.

> I eagerly look forward to details on it. Where might I find them?

The details were not disclosed until today when the attack was presented at a security conference. As far as I know there isn't anything available online yet, but that should change very soon.