optional @optionalctf, Twitter Profile

optional @optionalctf

4 years ago

I found a ground breaking RCE in windows… Run cmd.exe and you can freely run commands

53 27 533 0 6

John Hammond @_JohnHammond

4 years ago

@optionalctf bounty plz sir

1 0 92 0 0

David Maynor @Dave_Maynor

4 years ago

@optionalctf Come on, disclosure standards. Do you realize how many attackers you just enabled.

0 0 8 0 0

WiFi.py / wifi-py.bsky.social @wifi_py

4 years ago

@optionalctf RCE would imply REMOTE code exec. For this to work, you need to plug in a BT dongle and have a BT wireless keyboard. then step into another room and run cmd.exe Boom remote code execution.

1 1 16 0 0

fume @Fumenoid

4 years ago

@optionalctf I found one similar, one powershell.exe then you can run commands, moreover if you open it as administrator you can run command as an admin.. you can even get NT Authority/System.. insane right ?!

0 1 7 0 0

pirate.moo @apiratemoo

4 years ago

@optionalctf I need a video to explain how this works now pls.

1 0 8 0 0

Radhwan Alshammari @C23Se

4 years ago

@optionalctf Thank you for the report. Unfortunately, this issue has already been reported by another hacker in the past, so this report will be closed as Duplicate

0 0 3 0 0

r3tr0 @Elliot85940923

4 years ago

@optionalctf I found one in linux of you go to the terminal it works there aswell

0 0 2 0 0

Samuel @SaMthEHaCK4R

4 years ago

@optionalctf Microsoft has not solved this issue yet, so don't disclose it😂😂

0 1 0 0 0

Ravin @BlacknoteSec

4 years ago

@optionalctf 🤡🤡🤡🤡

0 0 2 0 0

@[email protected] @Hydragyrum1984

4 years ago

@optionalctf That sounds more like an LCE

1 0 1 0 0

DJ MININA @mininatechsec

4 years ago

@optionalctf Whoa.

0 0 1 0 0

root@AkashHamal0x01:~/ # 🇵🇭 @AkashHamal0x01

4 years ago

@optionalctf 0 day

0 0 1 0 0

Cary (h00p) @nopantrootdance

4 years ago

@optionalctf You forgot about the prereqs that the computer must be unlocked and attacker has physical access. 8.8CVSS probably

0 0 1 0 0

Kunal @l1v1n9h311

4 years ago

@optionalctf I don't have run permission to run cmd.exe, help me please

0 0 1 0 0

Aspen Mayer @aspenmayer

4 years ago

@optionalctf How did this get past code review?

0 0 0 0 0

Universe Of Evil ✿ @ScotttPillgram

4 years ago

@optionalctf Highly advanced. We need documentation bro...

0 0 0 0 0

macrotrojan @macrotrojan

4 years ago

@optionalctf 😮😮😮

0 0 0 0 0

ANUURAG BHOIIR @abhoiir400

4 years ago

@optionalctf Is this method applicable for linux also?🤔

0 0 0 0 0

Caesar @CC0wb0y

4 years ago

@optionalctf In terms of cvss this only an 8. A 10 would be running powershell.exe

0 0 0 0 0

✨𝓢HRO𝒫𝖘𝔥i𝔯e𝓢las𝓱e𝓇✨™️ @itchytwibbafngz

4 years ago

@optionalctf What is this critical R.C.E ? Theories?

0 0 0 0 0

_d3crypt_ @rockyr

4 years ago

@optionalctf ‘R’CE? That’s a LCE

0 0 0 0 0

Иīгмātā @nigmata___

4 years ago

@optionalctf Genius

0 0 0 0 0

Abdou @psechoPATH

4 years ago

@optionalctf 😂😂😂

0 0 0 0 0

Josh Patrick @rumsec_

4 years ago

@optionalctf And I’ve heard it’s really easy to escalate privileges.

0 0 0 0 0

HackHappy @HackHappy1

4 years ago

@optionalctf I think it would actually be an LCE :P sorry had to be that guy.

1 0 0 0 0

Trevor M. 🇺🇸 @tbell033

4 years ago

@optionalctf This is groundbreaking!

0 0 0 0 0

vidvansh @vidvansh

4 years ago

@optionalctf 😨😨 it’s really critical.. i am sure there must me some patch for it…

0 0 0 0 0

StartUsingPGP @beardedsinners

4 years ago

@optionalctf So your saying, if you open the windows terminal that is designed to run commands it runs command. Groundbreaking who knew the terminal was meant for that