From 1ef6b633ca3269d007d8382af8f4eeedb749ad29 Mon Sep 17 00:00:00 2001 From: xerox Date: Mon, 17 Aug 2020 22:12:49 +0000 Subject: [PATCH] Update README.md --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index 806d71f..c0e0326 100644 --- a/README.md +++ b/README.md @@ -7,6 +7,6 @@ The reason this proxy of a syscall is a vulnerability is simply because their is open a handle with `PROCESS_QUERY_LIMITED_INFORMATION` and use that handle to read/write any usermode memory that is also read/writeable. The handle access is not important to bedaisy rather they use the handle to get the EPROCESS of the process that the handle is opened on. - + As you can see you can open any handle with any access and then pass it along to bedaisy and it will read/write for you... \ No newline at end of file
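Review bot: the subject "Update README.md" does not say what changed, and in the single hunk (README.md, @@ -7,6 +7,6 @@) the removed and added lines both show as blank here, so the only visible difference is whitespace on the separator line between the two paragraphs; please state the intent in the commit message. Two things in the surrounding context would be worth fixing in the same change: the sentence "simply because their is open a handle with `PROCESS_QUERY_LIMITED_INFORMATION`" has a typo ("their" for "there") and seems to be missing words, which obscures the README's central point that the handle's access mask is irrelevant to the read/write; and the file still ends without a trailing newline ("\ No newline at end of file").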