POC详情: 9d53ac0b75ef7ce8cc20f78c93c761e4edb2b6d6

来源
https://github.com/Vulmatch/CVE-2023-28252
关联漏洞
标题: Microsoft Windows Common Log File System Driver 安全漏洞 (CVE-2023-28252)
描述:Microsoft Windows Common Log File System Driver是美国微软(Microsoft)公司的通用日志文件系统 (CLFS) API 提供了一个高性能、通用的日志文件子系统,专用客户端应用程序可以使用该子系统并且多个客户端可以共享以优化日志访问。 Microsoft Windows Common Log File System Driver存在安全漏洞。以下产品和版本受到影响:Windows 10 Version 20H2 for 32-bit Systems,Win
描述
The TL;DR for the learnings of Windows Vulnerability CVE-2023-28252
介绍
# CVE-2023-28252
The TL;DR for the learnings of Windows Vulnerability CVE-2023-28252


So this weekend I was practising the Aero machine on Hack The Box. The box is so much fun playing it when you can mimic a real-world attack to a Windows 11 machine. After completing it, I was very curious and wanting to know how the privilage-escalation exploit works. So I mainly read the article written by the exploit author [1]. The description is very detailed, well-explained. But going through the whole process takes a lot of time. To better demonstrate the exploit workflow, I want to visualize the process here. A big solute to the exploit authors Ricardo narvaja and  Esteban kazimirow, as well as the authors from Qianxin[2].

![](1.png)
![](2.png)
![](3.png)

[1] https://github.com/fortra/CVE-2023-28252

[2] https://ti.qianxin.com/blog/articles/CVE-2023-28252-Analysis-of-In-the-Wild-Exploit-Sample-of-CLFS-Privilege-Escalation-Vulnerability/
文件快照

 [4.0K]  /data/pocs/9d53ac0b75ef7ce8cc20f78c93c761e4edb2b6d6
├── [ 23K]  1.png
├── [ 42K]  2.png
├── [ 67K]  3.png
└── [ 945]  README.md

0 directories, 4 files
神龙机器人已为您缓存
备注
    1. 建议优先通过来源进行访问。
    2. 如果因为来源失效或无法访问,请发送邮箱到 f.jinxu#gmail.com 索取本地快照(把 # 换成 @)。
    3. 神龙已为您对POC代码进行快照,为了长期维护,请考虑为本地POC付费,感谢您的支持。