CVE-2015-2291 PoC — Intel Ethernet diagnostics driver for Windows 缓冲区错误漏洞

Source

https://github.com/Tare05/Intel-CVE-2015-2291

Associated Vulnerability

Title:Intel Ethernet diagnostics driver for Windows 缓冲区错误漏洞 (CVE-2015-2291)
Description:Intel Ethernet diagnostics driver for Windows是美国英特尔（Intel）公司的一款基于Windows的以太网诊断驱动程序。基于Windows平台的Intel Ethernet diagnostics驱动程序的IQVW32.sys 1.3.1.0之前的版本和IQVW64.sys 1.3.1.0之前的版本存在安全漏洞。本地攻击者可借助特制的0x80862013、0x8086200B、0x8086200F或0x80862007 IOCTL调用利用该漏洞造成拒绝服务或

Description

PoC exploit for CVE-2015-2291

Readme

# Intel-CVE-2015-2291
PoC exploit for CVE-2015-2291

Data-only attack to pop a system shell with the vulnerable intel driver.

The code itselfs implements more "functionality" provided from the driver, like physical to virtual address translation, mapping physical memory (This two combined  = arbitrary kernel memory overwrite) so it can be used to execute arbitrary code in the kernel.

File Snapshot


 [4.0K]  /data/pocs/121b77f099b71f963e76f985b2b1075bcad6f67f
├── [4.0K]  intelExplo
│   ├── [ 14K]  intelExplo.cpp
│   └── [1.5K]  intelExplo.hpp
├── [1.4K]  intelExplo.sln
└── [ 390]  README.md

1 directory, 4 files

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).

3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.

Goal Reached Thanks to every supporter — we hit 100%!