CVE-2014-1812 PoC — Microsoft Windows组策略首选项密码特权提升漏洞

Source

https://github.com/mauricelambert/gpp-encrypt

Associated Vulnerability

Title:Microsoft Windows组策略首选项密码特权提升漏洞 (CVE-2014-1812)
Description:Active Directory（活动目录）是美国微软（Microsoft）公司的一套面向Windows服务器的目录服务，它用于存储网络和域的相关信息和数据。 Microsoft Windows Active Directory分发使用组策略首选项配置的密码的方式中存在一个特权提升漏洞。成功利用此漏洞的经过身份验证的攻击者可能会对密码进行解密，并使用它们来在域上提升特权。以下软件受到影响：Microsoft Windows Vista SP2，Windows Server 2008 SP2和R2 SP1，

Description

This little script encrypts password to gpp cpassword. It useful to create vulnerable lab AD (CVE-2014-1812).

Readme

# gpp-encrypt

## Description

This little script encrypts password to gpp cpassword. It useful to
create vulnerable lab AD.

## Requirements

This package require:
 - python3
 - python3 Standard Library

## Installation

```bash
git clone "https://github.com/mauricelambert/gpp-encrypt.git"
cd "gpp-encrypt"
python3 -m pip install -r requirements.txt
```

## Usages

### Command line

```bash
python3 gpp-encrypt.py   # Using python script
python3 gpp-encrypt.pyz  # Using python executable

chmod u+x gpp-encrypt.py
chmod u+x gpp-encrypt.pyz
./gpp-encrypt.py
./gpp-encrypt.pyz
```

## Links

 - [Github](https://github.com/user/gpp-encrypt)
 - [Python executable](https://github.com/mauricelambert/gpp-encrypt/releases/download/v0.0.1/gpp-encrypt.pyz)

## License

Licensed under the [GPL, version 3](https://www.gnu.org/licenses/).

File Snapshot


 [4.0K]  /data/pocs/7cdaadcae3516025720a028262673cbc92ac3052
├── [2.4K]  gpp-encrypt.py
├── [ 34K]  LICENSE.txt
├── [ 878]  README.md
└── [  20]  requirements.txt

0 directories, 4 files

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).

3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.

Goal Reached Thanks to every supporter — we hit 100%!