CVE-2019-1388 PoC — Microsoft Windows Certificate Dialog 安全漏洞

Source

https://github.com/sv3nbeast/CVE-2019-1388

Associated Vulnerability

Title:Microsoft Windows Certificate Dialog 安全漏洞 (CVE-2019-1388)
Description:Microsoft Windows和Microsoft Windows Server都是美国微软（Microsoft）公司的产品。Microsoft Windows是一套个人设备使用的操作系统。Microsoft Windows Server是一套服务器操作系统。Windows Certificate Dialog是其中的一个证书操作对话框组件。 Microsoft Windows Certificate Dialog中存在提权漏洞，该漏洞源于程序没有正确执行用户特权。攻击者可通过登录系统并借助特制的应用

Description

guest→system（UAC手动提权）

Readme

# CVE-2019-1388
guest→系统（UAC手动提权，gif图略慢，请稍等)

![](./1388.gif)


# 参考链接
http://www.svenbeast.com/post/OsMblUp6w/

https://github.com/Lz1y/imggo

File Snapshot


 [4.0K]  /data/pocs/3c04f6b9979629948bcdbcbb069919a253b7dce5
├── [4.0M]  1388.gif
├── [715K]  HHUPD.exe
└── [ 183]  README.md

0 directories, 3 files

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).

3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.

Goal Reached Thanks to every supporter — we hit 100%!