名称 简介 添加时间
关联规则 关联知识 关联工具 关联文档 关联抓包
参考
详情
作者:ecawen 发表于[2017-10-07]

本文共 [850] 位读者顶过

## Kernel Exploitation Case Study - "Wild" Pool Overflow on Win10 x64 RS2 (CVE-2016-3309 Reloaded)

This Github repo contains exploits for the recently-patched win32kfull!bFill vulnerability. Executing the Palette or Bitmap exploit will give you SYSTEM privileges on the affected system. The exploits should work fine on Windows 10 x64 with Creators Update, build 15063.540 (latest version of Win10 before the release of Microsoft's September Updates).[出自:jiwo.org]

The Visual Studio solution contains three exploits:

- CVE-2016-3309_Reloaded_Bitmaps: Exploit using the Bitmaps technique
- CVE-2016-3309_Reloaded_Palettes: Exploit using the Palettes technique
- CVE-2016-3309_Reloaded_Deadlock: POC exploit showcasing the system deadlock which happens due to improved Handle validation

We also published a [blog post](https://siberas.de/blog/2017/10/05/exploitation_case_study_wild_pool_overflow_CVE-2016-3309_reloaded.html) which goes into detail about the exploitation of this "wild" Pool-based overflow. 
---------------------------------------------------------------------------------------------------------------
左上角导航栏那么明显的“下载”按链接你看不见,那就点这儿 下载 吧!

评论

暂无
发表评论
 返回顶部 
热度(850)
 关注微信