CVE-2023-21768 PoC — Microsoft Windows Ancillary Function Driver for WinSock 安全漏洞

Source

https://github.com/Malwareman007/CVE-2023-21768

Associated Vulnerability

Title:Microsoft Windows Ancillary Function Driver for WinSock 安全漏洞 (CVE-2023-21768)
Description:Microsoft Windows Ancillary Function Driver for WinSock是美国微软（Microsoft）公司的Winsock 的辅助功能驱动程序。 Microsoft Windows Ancillary Function Driver for WinSock存在安全漏洞。攻击者利用该漏洞可以提升权限。

Description

Windows_AFD_LPE_CVE-2023-21768

Readme

# CVE-2023-21768 Local Privilege Escalation POC

authors: [chompie](https://twitter.com/chompie1337) & [b33f](https://twitter.com/FuzzySec)

For demonstration purposes only. Complete exploit works on vulnerable Windows 11 22H2 systems. 
Write primitive works on all vulnerable systems.

Usage:

```
Windows_AFD_LPE_CVE-2023-21768.exe <pid>
```

where `<pid>` is the process ID (in decimal) of the process to elevate.

Should result in the target process being elevated to SYSTEM




https://user-images.githubusercontent.com/86009160/224833738-5d6ca2be-fb1d-4d92-85b3-ad1cb1a28472.mp4

File Snapshot


 [4.0K]  /data/pocs/9b633e46215508429724b710ad190c67adf968e0
├── [4.0K]  CVE-2023-21768
│   ├── [6.2K]  exploit.c
│   ├── [2.3K]  ioring.h
│   ├── [8.0K]  ioring_lpe.c
│   ├── [7.0K]  win_defs.h
│   ├── [6.7K]  Windows_AFD_LPE_CVE-2023-21768.vcxproj
│   └── [1.3K]  Windows_AFD_LPE_CVE-2023-21768.vcxproj.filters
├── [1.4K]  CVE-2023-21768.sln
├── [ 34K]  LICENSE
└── [ 586]  README.md

1 directory, 9 files

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).

3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.

Goal Reached Thanks to every supporter — we hit 100%!