CVE-2018-8120 PoC — Microsoft Windows 权限许可和访问控制问题漏洞

Source

https://github.com/ozkanbilge/CVE-2018-8120

Associated Vulnerability

Title:Microsoft Windows 权限许可和访问控制问题漏洞 (CVE-2018-8120)
Description:Microsoft Windows 7 SP1、Windows Server 2008 SP2和Windows Server 2008 R2 SP1都是美国微软（Microsoft）公司的产品。Microsoft Windows 7 SP1是一套供个人电脑使用的操作系统；Windows Server 2008 SP2是一套服务器操作系统。R2 SP1是它的升级版。 Microsoft Windows中存在提权漏洞，该漏洞源于Win32k组件没有正确的处理内存中的对象。攻击者可利用该漏洞在内核模式下以提升的

Description

CVE-2018-8120 Windows LPE exploit

Readme

# CVE-2018-8120
CVE-2018-8120 Windows LPE exploit


Supports both x32 and x64.

Tested on: Win7 x32, Win7 x64, Win2008 x32, Win2008 R2 x32, Win2008 R2 x64.

![image](https://github.com/unamer/CVE-2018-8120/blob/master/screenshot.bmp)

## Usage
```shell
CVE-2018-8120 exploit by @unamer(https://github.com/unamer)
Usage: exp.exe command
Example: exp.exe "net user admin admin /ad"
```
## Caution
* Please exclude shellcode.asm if you wanna compile x32 version.

## Reference
* https://xiaodaozhi.com/exploit/156.html
* https://github.com/bigric3/cve-2018-8120

File Snapshot


 [4.0K]  /data/pocs/4f847366d175dbb71dd69d32e0250d3698e77b34
├── [4.0K]  CVE-2018-8120
│   ├── [7.3K]  CVE-2018-8120.vcxproj
│   ├── [1.0K]  CVE-2018-8120.vcxproj.filters
│   ├── [2.2K]  shellcode.asm
│   └── [ 12K]  Source.cpp
├── [1.3K]  CVE-2018-8120.sln
├── [ 34K]  LICENSE
├── [ 559]  README.md
├── [4.0K]  Release
│   └── [ 80K]  CVE-2018-8120.exe
├── [422K]  screenshot.bmp
└── [4.0K]  x64
    └── [4.0K]  Release
        └── [ 92K]  CVE-2018-8120.exe

4 directories, 10 files

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).

3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.

Goal Reached Thanks to every supporter — we hit 100%!