Bypassing PPL in Userland (again)
16 March 2023 at 23:00
This post is a sequel to Bypassing LSA Protection in Userland and The End of PPLdump. Here, I will discuss how I was able to bypass the latest mitigation implemented by Microsoft and develop a new Userland exploit for injecting arbitrary code in a PPL with the highest signer type. The current state of PP(L)s My previous work on protected processes (see Bypassing LSA Protection in Userland) yi...