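Related vulnerability
Title: Microsoft Hyper-V code injection vulnerability (CVE-2021-28476)
Description: Microsoft Hyper-V is an application from Microsoft (USA), a hypervisor virtualization technology that enables desktop virtualization. Microsoft Hyper-V has a code injection vulnerability. The following products and versions are affected: Windows 10 Version 1803 for x64-based Systems, Windows 10 Version 1809 for x64-based Systems, Windows Server 2019, Windows Server 2019 (Server Core inst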
Description
Tools to automate configuring an Ubuntu 20.04 environment for testing CVE-2021-28476.
Introduction
Test and exploit-development pack for the CVE-2021-28476 PoC from a bluefrostsecurity researcher.
installation guide:
```
cd tools/
./add_to_path_tools.sh   # add the tools to /usr/bin/

remove tools from /usr/bin:
cd tools/
./del_to_path_tools.sh

tools:
  poc_init:
    description:
      preinit the guest host env for compiling the POC (see poc_compile)
    cmd args:
      arg1 : path to cve root dir
    exec options:
      run as root
  poc_compile:
    description:
      compile the hv_netvsc src patched with the poc code
    cmd args:
      no args
    exec options:
      run as root
  poc_unload:
    description:
      unload hv_netvsc.ko from the kernel
    cmd args:
      no args
    exec options:
      run as root
  poc_load:
    description:
      load hv_netvsc.ko into the kernel
    cmd args:
      no args
    exec options:
      run as root
  poc_isload:
    description:
      check whether hv_netvsc.ko is among the loaded kernel modules. If it is not displayed, the module is not loaded; otherwise the module is loaded
    cmd args:
      no args
    exec options:
      run as root
  poc_run:
    description:
      execute the poc code
    cmd args:
      number of the poc trigger func
    exec options:
      run as root
  poc_cfg_deps:
    description:
      download and install the deps for poc_compile
    cmd args:
      no args
    exec options:
      run as root
```
File snapshot
[4.0K] /data/pocs/3890cf03fb943e872663d07ec0ee61a77048d242
├── [1.0K] LICENSE
├── [4.0K] nopatch_net_hyperv_src
│   ├── [ 41K] hyperv_net.h
│   ├── [3.9K] netvsc_bpf.c
│   ├── [ 44K] netvsc.c
│   ├── [ 69K] netvsc_drv.c
│   ├── [ 148] netvsc_trace.c
│   ├── [6.2K] netvsc_trace.h
│   └── [ 42K] rndis_filter.c
├── [4.0K] pics
│   ├── [114K] boom.png
│   ├── [190K] rel04vsrel05.jpg
│   └── [571K] trigger.gif
├── [1.1K] README.md
├── [4.0K] src
│   └── [4.1K] poc.patch
└── [4.0K] tools
    ├── [ 448] add_to_path_tools.sh
    ├── [ 107] del_to_path_tools.sh
    ├── [ 362] poc_cfg_deps.py
    ├── [ 980] poc_compile.py
    ├── [ 12K] poc_init.py
    ├── [ 245] poc_isload.py
    ├── [ 524] poc_load.py
    ├── [2.0K] poc_run.py
    └── [ 394] poc_unload.py
4 directories, 22 files