CVE-2018-8414 PoC — Microsoft Windows Shell 安全漏洞

Source

https://github.com/whereisr0da/CVE-2018-8414-POC

Associated Vulnerability

Title:Microsoft Windows Shell 安全漏洞 (CVE-2018-8414)
Description:Microsoft Windows 10等都是美国微软（Microsoft）公司发布的一系列操作系统。Windows Shell是一个Windows系统下与用户交互的界面，它允许用户执行公共的任务，如访问文件系统、导出执行程序和改变系统设置等。 Microsoft Windows Shell中存在远程执行代码漏洞，该漏洞源于程序没有正确地验证文件路径。远程攻击者可利用该漏洞在当前用户的上下文中运行任意代码。以下系统版本受到影响：Microsoft Windows 10版本1703，Windows 10版本

Description

Simple poc of CVE-2018-8414 Windows Package Setting RCE Vulnerability

Readme

# CVE-2018-8414 POC

Windows Shell Package Setting Remote Code Execution Vulnerability

Since : Windows 10 Version 1703 to 1803
       / Windows Server Version 1709 to 1803
       
Note : Some time the exploit fail depending of the file location (default policy settings), so for that just copy the file in the Package Settings Dir and it should execute rightly
* C:\Users\\[USER]\AppData\Local\Packages\windows.immersivecontrolpanel_cw5n1h2txyewy\LocalState\Indexed\Settings\\[LANGUAGE]\

More details : https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8414

Credit to 0patch

File Snapshot


 [4.0K]  /data/pocs/5bb95f8bb423b87b9689b92ec79b8864c46598db
├── [ 733]  poc.settingcontent-ms
└── [ 604]  README.md

0 directories, 2 files

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).

3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.

Goal Reached Thanks to every supporter — we hit 100%!