CVE-2023-36802 PoC — Microsoft Streaming Service 安全漏洞

Source

https://github.com/Nero22k/cve-2023-36802

Associated Vulnerability

Title:Microsoft Streaming Service 安全漏洞 (CVE-2023-36802)
Description:Microsoft Streaming Service是美国微软（Microsoft）公司的一个视频平台。 Microsoft Streaming Service存在安全漏洞。攻击者利用该漏洞可以提升权限。以下产品和版本受到影响：Windows 10 Version 1809 for 32-bit Systems,Windows 10 Version 1809 for x64-based Systems,Windows 10 Version 1809 for ARM64-based Systems,Win

Description

Exploit for CVE-2023-36802 targeting MSKSSRV.SYS driver

Readme

# PoC for CVE-2023-36802
Exploit targeting MSKSSRV.SYS driver. The complete exploit works on vulnerable Windows 11 & 10 systems.

# Note
If you have any cool tricks & tips that will make this exploit better I'm open to any suggestions :)

# Credits
- [Valentina Palmiotti (@chompie1337) from IBM X Force](https://securityintelligence.com/x-force/critically-close-to-zero-day-exploiting-microsoft-kernel-streaming-service/)
- [Google's project zero analysis](https://googleprojectzero.github.io/0days-in-the-wild//0day-RCAs/2023/CVE-2023-36802.html)

File Snapshot


 [4.0K]  /data/pocs/1f3232f0a881147080186a9f8aa84c3529947980
├── [4.0K]  CVE-2023-36802_Win10-11
│   ├── [1.1K]  CVE-2023-36802_Win10-11.filters
│   ├── [ 168]  CVE-2023-36802_Win10-11.user
│   ├── [7.0K]  CVE-2023-36802_Win10-11.vcxproj
│   ├── [ 168]  CVE-2023-36802_Win10-11.vcxproj.user
│   ├── [ 15K]  exploit.c
│   └── [5.7K]  Types.h
├── [1.5K]  CVE-2023-36802_Win10-11.sln
└── [ 549]  README.md

1 directory, 8 files

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).

3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.

Goal Reached Thanks to every supporter — we hit 100%!