CVE-2022-38029 PoC — Microsoft Windows ALPC 竞争条件问题漏洞

Source

https://github.com/SpiralBL0CK/SIDECHANNEL-CVE-2022-38029

Associated Vulnerability

Title:Microsoft Windows ALPC 竞争条件问题漏洞 (CVE-2022-38029)
Description:Microsoft Windows ALPC是美国微软（Microsoft）公司的一种用于高速消息传递的进程间通信工具。 Microsoft Windows ALPC存在安全漏洞。以下产品和版本受到影响：Windows 10 Version 21H2 for 32-bit Systems,Windows 10 Version 21H2 for ARM64-based Systems,Windows 10 Version 21H2 for x64-based Systems,Windows 11 Versi

Description

SIDECHANNEL+CVE-2022-38029

Readme

Big fire collab with @cof123 on SIDECHANNEL info leak  + CVE-2022-38029 chain(KALPC UAF+ carrot_c4k3 sidechannel)
Under Construction... Please come back later... Not finished yet

File Snapshot


 [4.0K]  /data/pocs/26346ff88e98af467e9344b20e590625e712e6eb
├── [ 14K]  ALPC.h
├── [8.5K]  Chain.cpp
├── [7.0K]  Chain.vcxproj
├── [1.6K]  Chain.vcxproj.filters
├── [ 168]  Chain.vcxproj.user
├── [3.9K]  Command.cpp
├── [ 16K]  CommonALPC.cpp
├── [1.3K]  prefetch_asm.asm
├── [ 16K]  prefetch_leak.h
├── [ 179]  README.md
└── [4.4K]  Token.cpp

0 directories, 11 files

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).

3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.

Goal Reached Thanks to every supporter — we hit 100%!