CVE-2018-8120 PoC — Microsoft Windows 权限许可和访问控制问题漏洞

Source

https://github.com/Y0n0Y/cve-2018-8120-exp

Associated Vulnerability

Title:Microsoft Windows 权限许可和访问控制问题漏洞 (CVE-2018-8120)
Description:Microsoft Windows 7 SP1、Windows Server 2008 SP2和Windows Server 2008 R2 SP1都是美国微软（Microsoft）公司的产品。Microsoft Windows 7 SP1是一套供个人电脑使用的操作系统；Windows Server 2008 SP2是一套服务器操作系统。R2 SP1是它的升级版。 Microsoft Windows中存在提权漏洞，该漏洞源于Win32k组件没有正确的处理内存中的对象。攻击者可利用该漏洞在内核模式下以提升的

Readme

# cve-2018-8120-exp

exp for cve-2018-8120

learn from:
https://xiaodaozhi.com/exploit/156.html
https://github.com/unamer/CVE-2018-8120

test on win7 sp1 x86 and x64

File Snapshot


 [4.0K]  /data/pocs/d9307d8e44a01a0957c6432fe43f0118829a8cd9
├── [4.0K]  cve2018-8120poc
│   ├── [4.0K]  cve2018-8120poc
│   │   ├── [3.5K]  cve2018-8120poc.cpp
│   │   ├── [8.4K]  cve2018-8120poc.vcxproj
│   │   ├── [1.6K]  cve2018-8120poc.vcxproj.filters
│   │   ├── [ 165]  cve2018-8120poc.vcxproj.user
│   │   ├── [4.0K]  Debug
│   │   │   ├── [1013]  cve2018-8120poc.Build.CppClean.log
│   │   │   └── [   3]  cve2018-8120poc.log
│   │   ├── [ 15K]  payloads.cpp
│   │   ├── [ 11K]  payloads.h
│   │   ├── [4.0K]  Release
│   │   │   ├── [1.1K]  cve2018-8120poc.Build.CppClean.log
│   │   │   └── [   3]  cve2018-8120poc.log
│   │   ├── [ 166]  shellcode.asm
│   │   ├── [  25]  stdafx.cpp
│   │   ├── [  86]  stdafx.h
│   │   ├── [  40]  targetver.h
│   │   └── [4.0K]  x64
│   │       ├── [4.0K]  Debug
│   │       │   └── [   3]  cve2018-8120poc.log
│   │       └── [4.0K]  Release
│   │           ├── [1.5K]  cve2018-8120poc.Build.CppClean.log
│   │           └── [   3]  cve2018-8120poc.log
│   ├── [1.3K]  cve2018-8120poc.sln
│   └── [4.0K]  ipch
│       └── [4.0K]  CVE2018-8120POC-9722477b
│           ├── [3.4M]  CVE2018-8120POC-2e4718d.ipch
│           ├── [3.4M]  CVE2018-8120POC-314d0ac7.ipch
│           ├── [3.4M]  CVE2018-8120POC-f75285af.ipch
│           └── [3.4M]  CVE2018-8120POC-f990af69.ipch
└── [ 166]  README.md

9 directories, 23 files

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).

3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.

Goal Reached Thanks to every supporter — we hit 100%!