CVE-2023-36802 PoC — Microsoft Streaming Service 安全漏洞

Source

https://github.com/4zur-0312/CVE-2023-36802

Associated Vulnerability

Title:Microsoft Streaming Service 安全漏洞 (CVE-2023-36802)
Description:Microsoft Streaming Service是美国微软（Microsoft）公司的一个视频平台。 Microsoft Streaming Service存在安全漏洞。攻击者利用该漏洞可以提升权限。以下产品和版本受到影响：Windows 10 Version 1809 for 32-bit Systems,Windows 10 Version 1809 for x64-based Systems,Windows 10 Version 1809 for ARM64-based Systems,Win

Description

CVE-2023-36802 ITW case

Readme

# CVE-2023-36802
CVE-2023-36802 ITW case

## Explain
Using `PreviousMode` overwrite primitive

https://cwresearch.tistory.com/entry/Microsoft-Streaming-Service-Proxy-Elevation-of-Privilege-Vulnerability-CVE-2023-36802

## Thanks to
- [chompie](https://securityintelligence.com/x-force/critically-close-to-zero-day-exploiting-microsoft-kernel-streaming-service/)
- [Google Project 0](https://googleprojectzero.github.io/0days-in-the-wild//0day-RCAs/2023/CVE-2023-36802.html)

File Snapshot


 [4.0K]  /data/pocs/4f3aea272e0e269c98fbb9bf5376a34cac2c41b1
├── [4.0K]  CVE-2023-36802
│   ├── [8.0K]  CVE-2023-36802.c
│   └── [1.4K]  defs.h
└── [ 474]  README.md

1 directory, 3 files

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).

3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.

Goal Reached Thanks to every supporter — we hit 100%!