Y
Hacker News
new
|
ask
|
show
|
jobs
by
monocasa
2636 days ago
It's intentional; it's not "exploitation". It's really doing privilege deescalation of the shellcode.
They know the code it's running for the most part, it's the CreatProcessW stuff they talk about.