CVE-2016-7255 PoC — Microsoft Win32k 特权提升漏洞

Source

https://github.com/yuvatia/page-table-exploitation

Associated Vulnerability

Title:Microsoft Win32k 特权提升漏洞 (CVE-2016-7255)
Description:Microsoft Windows是美国微软（Microsoft）公司发布的一系列操作系统。 Microsoft Windows的内核模式驱动程序存在特权提升漏洞。攻击者可利用该漏洞在内核模式下执行任意代码。以下版本受到影响：Microsoft Windows Vista SP2，Windows Server 2008 SP2和R2 SP1，Windows 7 SP1，Windows 8.1，Windows Server 2012 Gold和R2，Windows RT 8.1，Windows 10 Gol

Description

A demonstration of how page tables can be used to run arbitrary code in ring-0 and lead to a privesc. Uses CVE-2016-7255 as an example.

Readme

# page-table-exploitation
A demonstration of how page tables can be used to run arbitrary code in ring-0 and lead to a privesc. Uses CVE-2016-7255 as an example.

File Snapshot


 [4.0K]  /data/pocs/d20227bf2a678f53fed6122ddfb39eabe4a8c3d1
├── [ 513]  calculations.py
├── [4.0K]  cve-2016-7255-pte
│   ├── [4.0K]  cve-2016-7255-pte
│   │   ├── [1.6K]  arbitrary_or.c
│   │   ├── [ 170]  arbitrary_or.h
│   │   ├── [6.9K]  cve-2016-7255-pte.vcxproj
│   │   ├── [1.6K]  cve-2016-7255-pte.vcxproj.filters
│   │   ├── [ 734]  hevd.c
│   │   ├── [ 259]  hevd.h
│   │   ├── [2.7K]  main.c
│   │   ├── [ 958]  paging.c
│   │   ├── [ 783]  paging.h
│   │   └── [ 869]  payload.asm
│   └── [1.4K]  cve-2016-7255-pte.sln
├── [ 34K]  LICENSE
└── [ 162]  README.md

2 directories, 14 files

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).

3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.

Goal Reached Thanks to every supporter — we hit 100%!