Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2023-36874 PoC — Microsoft Windows Error Reporting 安全漏洞

Source
https://github.com/d0rb/CVE-2023-36874
Associated Vulnerability
Title:Microsoft Windows Error Reporting 安全漏洞 (CVE-2023-36874)
Description:Microsoft Windows Error Reporting(WER)是美国微软(Microsoft)公司的一个组件。使用户能够将应用程序故障、内核故障、无响应的应用程序和其他应用程序特定问题通知 Microsoft。 Microsoft Windows Error Reporting存在安全漏洞。攻击者利用该漏洞可以提升权限。以下产品和版本受到影响:Windows 10 Version 21H2 for 32-bit Systems,Windows 10 Version 21H2 for ARM6
Description
CVE-2023-36874 PoC
Readme
<div align="center">
    
 #  🇮🇱  **#BringThemHome #NeverAgainIsNow**   🇮🇱

**We demand the safe return of all citizens who have been taken hostage by the terrorist group Hamas. We will not rest until every hostage is released and returns home safely. You can help bring them back home.
https://stories.bringthemhomenow.net/**
</div>

# CVE-2023-36874 PoC

##
# 🔓 Introduction
This repository contains a proof-of-concept exploit written in C++ that demonstrates the exploitation of a vulnerability affecting the Windows Error Reporting (WER) component. The exploit showcases the steps involved in triggering the vulnerability and is intended for educational purposes only. Any malicious or unethical use of this code is strictly discouraged.
##
# The exploit follows these steps to trigger the vulnerability:

    Initialize COM by calling CoInitialize(NULL).
    Create COM interfaces to interact with WER:
        Create an instance of CLSID_ERCLuaSupport to obtain an IErcLuaSupport interface.
        Use IErcLuaSupport to create an IWerStoreFactory instance.
        Create an IWerStore instance using IWerStoreFactory.
    Start the report enumeration process by calling pIWerStore->EnumerateStart().
    Load a report using pIWerStore->LoadReport function. Replace "ReportName" with the actual report name you want to exploit.
    Submit the loaded report to trigger the vulnerability by calling pIWerReport->SubmitReport().
    Release the COM interfaces and clean up the resources:
        pIWerReport->Release()
        pIWerStore->Release()
        pIWerStoreFactory->Release()
        pIErcLuaSupport->Release()
    Uninitialize COM by calling CoUninitialize().
##
# Disclaimer

This exploit is provided for educational purposes only. It is not intended for malicious or unethical use. The repository authors and contributors are not responsible for any misuse or damage caused by the use of this code.
License
This code is released under the MIT License.
Please use this code responsibly and adhere to ethical standards when working with security vulnerabilities and exploits.
</div>
File Snapshot

 [4.0K]  /data/pocs/c269f98f7847e8728e195f6223e71de4ed30e3eb
├── [1.5K]  PoC.cpp
└── [2.1K]  README.md

0 directories, 2 files
Shenlong Bot has cached this for you
Remarks
    1. It is advised to access via the original source first.
    2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).
    3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.