CVE-2021-31728 PoC — MalwareFox Anti-Malware 安全漏洞

Source

https://github.com/irql/CVE-2021-31728

Associated Vulnerability

Title:MalwareFox Anti-Malware 安全漏洞 (CVE-2021-31728)
Description:MalwareFox Anti-Malware是美国MalwareFox公司的一个应用软件。一个检测恶意代码软件。 MalwareFox AntiMalware 2.74.0.150 存在安全漏洞，该漏洞允许在驱动程序的上下文中公开环0代码的执行，允许非特权进程提升特权。

Description

vulnerability in zam64.sys, zam32.sys allowing ring 0 code execution. CVE-2021-31727 and CVE-2021-31728 public reference.

Readme

### CVE-2021-31727 and CVE-2021-31728
###### [Public Reference for CVE-2021-31727](CVE-2021-31727.md)
Exposes unrestricted disk read/write capabilities.
###### [Public Reference for CVE-2021-31728](CVE-2021-31728.md)
Exposes arbitrary ring 0 code execution directly.

![](poc.gif)
### Credit
[Lima X](https://github.com/Lima-X) helped with SystemBigPoolInformation idea.

File Snapshot


 [4.0K]  /data/pocs/081ef4674e3de684fe69f51681b702cf0b9357b9
├── [ 800]  CVE-2021-31727.md
├── [2.2K]  CVE-2021-31728.md
├── [4.0K]  disk_rw
│   ├── [2.6K]  disk_rw.vcxproj
│   ├── [ 205]  disk_rw.vcxproj.filters
│   └── [4.4K]  main.c
├── [4.0K]  kernel_exec
│   ├── [2.7K]  kernel_exec.vcxproj
│   ├── [ 205]  kernel_exec.vcxproj.filters
│   └── [ 27K]  main.c
├── [ 58K]  poc.gif
├── [ 371]  README.md
└── [1.2K]  zampoc.sln

2 directories, 11 files

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).

3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.

Goal Reached Thanks to every supporter — we hit 100%!