CVE-2020-1054 PoC — Microsoft Windows 缓冲区错误漏洞

Source

https://github.com/0xeb-bp/cve-2020-1054

Associated Vulnerability

Title:Microsoft Windows 缓冲区错误漏洞 (CVE-2020-1054)
Description:Microsoft Windows是美国微软（Microsoft）公司的一套个人设备使用的操作系统。 Microsoft Windows中存在缓冲区错误漏洞，该漏洞源于内核模式驱动程序没有正确处理内存对象。攻击者可通过登录到系统并运行特制的应用程序利用该漏洞在内核模式中运行任意代码。以下产品及版本受到影响：Microsoft Windows 10，Windows 10 1607版本，Windows 10 1709版本，Windows 10 1803版本，Windows 10 1809版本，Windows

Description

LPE for CVE-2020-1054 targeting Windows 7 x64

Readme

# CVE-2020-1054
CVE-2020-1054 LPE for Windows 7x64

![image 1](demo.gif)

## Usage 

Install Rust if you need it https://www.rust-lang.org/learn/get-started

Compile the code:

`cargo build --release`

Copy the .exe from `target/release/` to target and execute.

### Windows KB

If a specific Windows KB is not installed slight changes to the exploit are required. These are noted in two places via comments. I will update what the specific KB is shortly.

## Additional Information
* https://0xeb-bp.github.io/blog/2020/06/15/cve-2020-1054-analysis.html

File Snapshot


 [4.0K]  /data/pocs/d5dca1512affc06111e93ac4a5045c4cd93b38a2
├── [ 390]  Cargo.toml
├── [7.0M]  demo.gif
├── [ 555]  README.md
└── [4.0K]  src
    └── [ 14K]  main.rs

1 directory, 4 files

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).

3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.

Goal Reached Thanks to every supporter — we hit 100%!