Proof of concept execution of an exploit which takes advantage of the RDP Maximum Channel ID's bug. This flaw is highly dangerous for example if enabled on a LAN where a party with nefarious purposes is present. The risk in this flaw lies in it's ability to invoke a blue screen (of death) in Windows versions up to 7. I haven't yet tested on Windows 8 but I will soon have it added to my lab for testing. I have run into situations where the vulnerability is not available, but it's on one of my co-workers PC's (he agreed to the testing), and I suspect he has some fancy routing work going on which disables the exploit.

Shining some light on an open and unresolved vulnerability in Java, this includes the latest java versions with all security patches applied. Here, I demonstrate the case where the user is provided a link to click through some sort of social engineering (covert link on web page, SMS Text, email, etc). When the user clicks the link, a remote exploit will be launched providing a shell to the users remote system. With shell established the user is now effectively under control of the would be hacker. Here, I display a rather juvenile exercise of changing the background of the remote system via covert shell access. #owned