关联漏洞
标题:Microsoft Windows 代码注入漏洞 (CVE-2021-43217)Description:Microsoft Windows是美国微软(Microsoft)公司的一套个人设备使用的操作系统。 Microsoft Windows Encrypting File System (EFS)存在代码注入漏洞。以下产品和版本受到影响:Windows 10 Version 1809 for 32-bit Systems,Windows 10 Version 1809 for x64-based Systems,Windows 10 Version 1809 for ARM64-based Systems,
介绍
# EFS Bypass Vulnerability_CVE-2021-43217
## Objective
This vulnerability demonstration aimed to establish a controlled environment for simulating an EFS bypass on windows 10 through Kali Linux. The primary focus was to perform a vulnerability pentration and show the possiblity of controlling a desktop through EFS's weakpoint.
### Skills Learned
- Advanced understanding of EFS
- Proficiency in Kali Linux
- Ability to generate python3 script and shellcodes (listed as Apicture)
- Ability to use MSFconsole and metasploit expliots, meterpreter and reverse_tcp
### Tools Used
- Windows EFS
- Windows 10
- Kali Linux
## Steps
https://github.com/JolynNgSC/EFS_CVE-2021-43217/assets/164031233/34679c13-5c89-4e77-a74f-e4e4f2616b0f
## Steps to Prevent
Do not click on suspicious links that are sent from unknown sources. Have organisation documents be uploaded into the cloud and do not rely on EFS solely to prevent any attacks.
文件快照
[4.0K] /data/pocs/bfca0821db61b7177ad41009b11e577c326cb4e8
└── [ 931] README.md
0 directories, 1 file
备注
1. 建议优先通过来源进行访问。
2. 如果因为来源失效或无法访问,请发送邮件到 f.jinxu#gmail.com 索取本地快照(把 # 换成 @)。
3. 神龙已为您对 POC 代码进行快照,为了长期维护,请考虑为本地 POC 付费/捐赠,感谢您的支持。