Exploit Microsoft Windows - 'POP/MOV SS' Privilege Escalation

Exploiter

Хакер
34,644
0
18 Дек 2022
EDB-ID
44697
Проверка EDB
  1. Пройдено
Автор
CAN BöLüK
Тип уязвимости
LOCAL
Платформа
WINDOWS
CVE
cve-2018-8897
Дата публикации
2018-05-22
Microsoft Windows - 'POP/MOV SS' Privilege Escalation
Код:
Demo exploitation of the POP SS vulnerability (CVE-2018-8897), leading to unsigned code execution with kernel privilages.

- KVA Shadowing should be disabled and the relevant security update should be uninstalled.
- This may not work with certain hypervisors (like VMWare), which discard the pending #DB after INT3.

Proof of Concept:
https://gitlab.com/exploit-database/exploitdb-bin-sploits/-/raw/main/bin-sploits/44697.zip
 
Источник
www.exploit-db.com

Похожие темы