关联漏洞
标题:多款Microsoft产品访问控制错误漏洞 (CVE-2017-8464)Description:Microsoft Windows等都是美国微软(Microsoft)公司的产品。Microsoft Windows是一套个人设备使用的操作系统。Microsoft Windows XP是一套PC和平板电脑使用的操作系统。Windows是一种桌面操作系统。 Microsoft Windows中的Windows Shell中存在访问控制错误漏洞。攻击者可借助特制的.LNK文件利用该漏洞执行任意代码。以下版本受到影响:Microsoft Windows Server 2008 SP2和R2 SP1,Windo
Description
Usbhijacking | CVE-2017-8464
介绍
# CVE-2017-8464 PoC
Windows Shell in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows local users or remote attackers to execute arbitrary code via a crafted .LNK file, which is not properly handled during icon display in Windows Explorer or any other application that parses the icon of the shortcut. aka "LNK Remote Code Execution Vulnerability .
CVSS Score
- 9.3
Confidentiality Impact
- Complete (There is total information disclosure, resulting in all system files being revealed.)
Integrity Impact
- Complete (There is a total compromise of system integrity. There is a complete loss of system protection, resulting in the entire system being compromised.)
Availability Impact
- Complete (There is a total shutdown of the affected resource. The attacker
can render the resource completely unavailable.)
Access Complexity
- Medium (The access conditions are somewhat specialized. Some preconditions must be satistified to exploit)
Authentication
- Not required (Authentication is not required to exploit the vulnerability.)
Gained Access
- None
Vulnerability Type(s)
- Execute Code
# Contact Me
[Facebook](https://www.facebook.com/X.Vector1) - [Linkedin](https://www.linkedin.com/in/mohamed-abdelfatah-509b01149/)
文件快照
[4.0K] /data/pocs/ce3b1e021d16a197821e9f388580f533d75637a6
├── [1.4K] README.md
└── [6.0K] usbhijacking.rb
0 directories, 2 files
备注
1. 建议优先通过来源进行访问。
2. 如果因为来源失效或无法访问,请发送邮件到 f.jinxu#gmail.com 索取本地快照(把 # 换成 @)。
3. 神龙已为您对 POC 代码进行快照,为了长期维护,请考虑为本地 POC 付费/捐赠,感谢您的支持。