CVE-2023-28252 PoC — Microsoft Windows Common Log File System Driver 安全漏洞

Source

https://github.com/Danasuley/CVE-2023-28252-

Associated Vulnerability

Title:Microsoft Windows Common Log File System Driver 安全漏洞 (CVE-2023-28252)
Description:Microsoft Windows Common Log File System Driver是美国微软（Microsoft）公司的通用日志文件系统 (CLFS) API 提供了一个高性能、通用的日志文件子系统，专用客户端应用程序可以使用该子系统并且多个客户端可以共享以优化日志访问。 Microsoft Windows Common Log File System Driver存在安全漏洞。以下产品和版本受到影响：Windows 10 Version 20H2 for 32-bit Systems,Win

Description

Обнаружение эксплойта CVE-2023-28252

Readme

# CVE-2023-28252-
Обнаружение эксплойта CVE-2023-28252 
Контроль создания файлов в директории, в котором эксплойт оставляет файлы, используемые для эксплуатации, по жестко заданному пути в папке "C:\Users\Public\", "C:\Users\Public\.container*", "C:\Users\Public\MyLog*.blf" и "C:\Users\Public\p_*".

File Snapshot


 [4.0K]  /data/pocs/c1a5ca0f91d2b045523ecf209e29af7396df8e4c
└── [ 438]  README.md

0 directories, 1 file

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).

3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.

Goal Reached Thanks to every supporter — we hit 100%!