helloexp-0day/00-CVE_EXP/CVE-2019-0623 at master · baco997/helloexp-0day · GitHub

Name		Name	Last commit message	Last commit date
parent directory ..
src		src
CVE-2019-0623.exe		CVE-2019-0623.exe
README.md		README.md
README_EN.md		README_EN.md

README.md

CVE-2019-0623

描述

Win32k特权提升漏洞

影响版本

Product	CPU Architecture	Version	Update	Tested
Windows 10	x64/x86/ARM64	1803
Windows 10	x64/x86/ARM64	1709
Windows 10	x64/x86	1703
Windows 10	x64/x86	1607
Windows 10	x64/x86
Windows 8.1	x64/x86
Windows RT 8.1
Windows 7	x64/x86		SP1	✔
Windows Server 2016
Windows Server 2012		R2
Windows Server 2012
Windows Server 2008	x64/x86		SP2
Windows Server 2008	x64	R2	SP1
Windows Server		1803
Windows Server		1709

修复补丁

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0623

利用方式

编译环境

VS2019（V142）X86 Debug

改POC只对x86的机器有效，测试机器为Windows 7 SP1 x86

分析文章

https://paper.seebug.org/832/

代码来源

DreamoneOnly