PoC details: 3890cf03fb943e872663d07ec0ee61a77048d242

Source
Related vulnerability
Title: Microsoft Hyper-V code injection vulnerability (CVE-2021-28476)
Description: Microsoft Hyper-V is an application from Microsoft (USA), a hypervisor virtualization technology that enables desktop virtualization. Microsoft Hyper-V has a code injection vulnerability. The following products and versions are affected: Windows 10 Version 1803 for x64-based Systems, Windows 10 Version 1809 for x64-based Systems, Windows Server 2019, Windows Server 2019 (Server Core inst
Description
Tools to automate configuring an Ubuntu 20.04 environment for testing CVE-2021-28476.
Introduction
Test and exploit-development pack for the CVE-2021-28476 PoC from a bluefrostsecurity researcher

installation guide:

```
cd tools/
./add_to_path_tools.sh # adds the tools to /usr/bin/
```

remove tools from /usr/bin:

```
cd tools/
./del_to_path_tools.sh
```

tools:

```
poc_init: 
	description:
		pre-initialize the guest host environment for compiling the PoC (see poc_compile)
	cmd args:
		arg1 : path to cve root dir
	exec options:
		run as root
poc_compile: 
	description:
		compile hv_netvsc src patched with poc code
	cmd args:
		no args
	exec options:
		run as root
poc_unload: 
	description:
		unload hv_netvsc.ko from kernel
	cmd args:
		no args
	exec options:
		run as root
poc_load: 
	description:
		load hv_netvsc.ko into kernel
	cmd args:
		no args
	exec options:
		run as root
poc_isload: 
	description:
		check whether hv_netvsc.ko is among the loaded kernel modules. If nothing is displayed, the module is not loaded; otherwise it is loaded
	cmd args:
		no args
	exec options:
		run as root
poc_run: 
	description:
		execute poc code
	cmd args:
		number for func poc trigger
	exec options:
		run as root
poc_cfg_deps: 
	description:
		download and install deps for poc_compile
	cmd args:
		no args
	exec options:
		run as root
```
File snapshot

```
[4.0K] /data/pocs/3890cf03fb943e872663d07ec0ee61a77048d242
├── [1.0K] LICENSE
├── [4.0K] nopatch_net_hyperv_src
│   ├── [ 41K] hyperv_net.h
│   ├── [3.9K] netvsc_bpf.c
│   ├── [ 44K] netvsc.c
│   ├── [ 69K] netvsc_drv.c
│   ├── [ 148] netvsc_trace.c
│   ├── [6.2K] netvsc_trace.h
│   └── [ 42K] rndis_filter.c
├── [4.0K] pics
│   ├── [114K] boom.png
│   ├── [190K] rel04vsrel05.jpg
│   └── [571K] trigger.gif
├── [1.1K] README.md
├── [4.0K] src
│   └── [4.1K] poc.patch
└── [4.0K] tools
    ├── [ 448] add_to_path_tools.sh
    ├── [ 107] del_to_path_tools.sh
    ├── [ 362] poc_cfg_deps.py
    ├── [ 980] poc_compile.py
    ├── [ 12K] poc_init.py
    ├── [ 245] poc_isload.py
    ├── [ 524] poc_load.py
    ├── [2.0K] poc_run.py
    └── [ 394] poc_unload.py

4 directories, 22 files
```