This is the Windows app named RedSun whose latest release can be downloaded as InitialReleasesourcecode.tar.gz. It can be run online in the free hosting provider OnWorks for workstations.
Download and run online this app named RedSun with OnWorks for free.
Follow these instructions in order to run this app:
- 1. Downloaded this application in your PC.
- 2. Enter in our file manager https://www.onworks.net/myfiles.php?username=XXXXX with the username that you want.
- 3. Upload this application in such filemanager.
- 4. Start any OS OnWorks online emulator from this website, but better Windows online emulator.
- 5. From the OnWorks Windows OS you have just started, goto our file manager https://www.onworks.net/myfiles.php?username=XXXXX with the username that you want.
- 6. Download the application and install it.
- 7. Download Wine from your Linux distributions software repositories. Once installed, you can then double-click the app to run them with Wine. You can also try PlayOnLinux, a fancy interface over Wine that will help you install popular Windows programs and games.
Wine is a way to run Windows software on Linux, but with no Windows required. Wine is an open-source Windows compatibility layer that can run Windows programs directly on any Linux desktop. Essentially, Wine is trying to re-implement enough of Windows from scratch so that it can run all those Windows applications without actually needing Windows.
SCREENSHOTS:
RedSun
DESCRIPTION:
RedSun is a proof-of-concept security project that demonstrates a critical privilege escalation vulnerability in Microsoft Defender by exploiting unintended file-handling behavior. The tool leverages how Defender processes files tagged with cloud metadata, where instead of removing malicious files, the antivirus may rewrite them to their original location. By carefully manipulating this process, the exploit enables attackers to overwrite protected system files and gain SYSTEM-level privileges from a low-privilege account. The repository provides a minimal C++ implementation that showcases this behavior for research and educational purposes. It highlights flaws in endpoint protection logic and emphasizes how race conditions and file system interactions can be abused. The project is not designed as a full framework but as a focused demonstration of a real-world vulnerability. It serves as a stark example of how defensive systems can be turned into attack vectors.
Features
- Proof-of-concept privilege escalation exploit
- Abuse of Microsoft Defender file rewrite behavior
- Demonstration of SYSTEM-level access escalation
- Use of cloud file metadata handling flaws
- Lightweight C++ implementation
- Focus on vulnerability research and education
Programming Language
C++
Categories
This is an application that can also be fetched from https://sourceforge.net/projects/redsun.mirror/. It has been hosted in OnWorks in order to be run online in an easiest way from one of our free Operative Systems.