CVE-2019-1388 PoC — Microsoft Windows Certificate Dialog 安全漏洞

Source

https://github.com/nobodyatall648/CVE-2019-1388

Associated Vulnerability

Title:Microsoft Windows Certificate Dialog 安全漏洞 (CVE-2019-1388)
Description:Microsoft Windows和Microsoft Windows Server都是美国微软（Microsoft）公司的产品。Microsoft Windows是一套个人设备使用的操作系统。Microsoft Windows Server是一套服务器操作系统。Windows Certificate Dialog是其中的一个证书操作对话框组件。 Microsoft Windows Certificate Dialog中存在提权漏洞，该漏洞源于程序没有正确执行用户特权。攻击者可通过登录系统并借助特制的应用

Description

CVE-2019-1388  Abuse UAC Windows Certificate Dialog

Readme

# CVE-2019-1388 
 
 ## CVE-2019-1388  Abuse UAC Windows Certificate Dialog

Description: 

This CVE exploit tend to abuse the UAC windows Certificate Dialog to execute the certificate issuer link as an NT Authority User and open a browser that is under NT Authority User. Then we can use that to prompt a shell as a NT Authority User.

Steps:
 ```
 1) find a program that can trigger the UAC prompt screen

 2) select "Show more details"

 3) select "Show information about the publisher's certificate"

 4) click on the "Issued by" URL link it will prompt a browser interface.

 5) wait for the site to be fully loaded & select "save as" to prompt a explorer window for "save as".

 6) on the explorer window address path, enter the cmd.exe full path:
 C:\WINDOWS\system32\cmd.exe

 7) now you'll have an escalated privileges command prompt. 
 ```

 Video PoC: https://www.youtube.com/watch?v=RW5l6dQ8H-8

File Snapshot


 [4.0K]  /data/pocs/faa3aa7f968815573121bfab77ea63bf95ef4a74
└── [ 906]  README.md

0 directories, 1 file

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).

3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.

Goal Reached Thanks to every supporter — we hit 100%!