POC详情: 1bc6e4232d64e8e35bcf070fd5760aefbb3eea18

来源
https://github.com/websecnl/CVE-2021-36934
关联漏洞
标题: Microsoft Windows 访问控制错误漏洞 (CVE-2021-36934)
描述:Microsoft Windows是美国微软(Microsoft)公司的一种桌面操作系统。 Microsoft Windows 存在访问控制错误漏洞,该漏洞源于系统对多个系统文件的访问控制列表过于宽松,因此存在特权提升漏洞。成功利用此漏洞的攻击者可以使用SYSTEM权限运行任意代码。
描述
SeriousSAM Auto Exploiter
介绍
# CVE-2021-36934
SeriousSAM Auto Exploiter

# Requirements
- HiveNightmare , executable or a DLL equivelant of it (the DLL equivelant would require some code modifications in order to run it through rundll32, this could be useful when you run into applocker environments.)
- dump.exe m  which is a pyinstaller compiled secretsdump.py so its pretty large since it contains all modules and python itself into it. (Reason you dont need this as a DLL because you can also invoke this server side along with the hashcat API if you want, that would actually be way more effective and stealthy)
- hashcat API , this is a PHP API I made to pass hashes into which can crack most hashes within 5-10 seconds, this is way more efficient than NTLM rainbow tables. 
You can see the code here: https://github.com/websecnl/hashcat-php-API


This project is not yet finished but suite yourself and make something cool from it, just do it for Educational and Research purposes and not for the purpose to do harm to others!
文件快照

 [4.0K]  /data/pocs/1bc6e4232d64e8e35bcf070fd5760aefbb3eea18
├── [ 19M]  dump.exe
├── [1005]  README.md
└── [1.4K]  workinprogress.py

0 directories, 3 files
神龙机器人已为您缓存
备注
    1. 建议优先通过来源进行访问。
    2. 如果因为来源失效或无法访问,请发送邮箱到 f.jinxu#gmail.com 索取本地快照(把 # 换成 @)。
    3. 神龙已为您对POC代码进行快照,为了长期维护,请考虑为本地POC付费,感谢您的支持。