最近看过此主题的会员

返回列表 发帖
Microsoft Windows 8.1 (x64) - (MS16-098)
Sources:
' I" }( ]2 Q7 b9 s- https://github.com/sensepost/gdi-palettes-exp2 k1 E5 Y/ F- p6 C( r) ]' `
- https://sensepost.com/blog/2017/abusing-gdi-objects-for-ring0-primitives-revolution/0 g. f3 Q. y( H

6 G2 q1 a! t/ J, G) E& LWindows 7 SP1 x86 exploit presented at DEF CON 25 involving the abuse of a newly discovered GDI object abuse technique.
' r) ]8 z/ |! t8 ]. V* v( Z , B0 G5 {) ^- \( T4 K% B% y/ Q
DC25 5A1F - Demystifying Windows Kernel Exploitation by Abusing GDI Objects 2 n% M9 c" c3 b8 \

) x& }' m' k/ n/ `- https://www.defcon.org/html/defcon-25/dc-25-speakers.html#El-Sherei 2 i: s8 C9 b: a2 Q8 y! M
- https://media.defcon.org/DEF%20CON%2025/DEF%20CON%2025%20presentations/5A1F/2 [! c% F8 B' E/ v

! R  O' D# `3 ]" o( T9 R+ r
4 ^$ Z' J$ p0 I. w) o7 {  i4 t* @Proof of Concept:, g" u4 V; }8 _% J1 k4 L
https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/42435.zip
% R0 r9 y) i6 d; X$ l  b6 v0 }# s9 [* W5 v! j
6 w8 ~4 j7 }- e% H1 N# D
  I  _9 G" l9 t7 \3 ?& P
5 P& ?5 M. J2 ~3 N5 r. y, H

& h2 ~) @/ J) h  b1 o, x/ K. t' b$ y0 `& y5 s2 Q
9 ~( c4 }2 [& Y: p. I/ l9 |+ Y. Q

7 W6 t- ^! G: T, I/ h3 R9 i. L! k- H( `3 l5 T
2 v9 E- t% }* ]+ l% l/ g) p

( M7 n, g* ^( Y: L- H7 i* q7 Z" D, E5 U* s" W

! j  t! ]& c, r/ b, U# p. v! A: E$ V) P: o  ^$ E
  G4 k7 G* r$ z& c& q6 v) b5 k

1 M/ s' ]  v- F4 A( X! r0 p' O7 ?2 r; t4 _4 b
# q6 b2 ^) t" t7 i& K
公告:https://www.sitedirsec.com公布最新漏洞,请关注

 

您可能还想看的主题:

最近郁闷啊

个人喜欢的注入工具:WebCruiser2.42(带注册码)

迅雷VIP帐号获取器V5.0纯净版

17个获取安全漏洞/通告/利用的站点

115网盘真实地址(解析)获取工具

WINHEX15.7中英文安装即可使用,免注册,版本稳定!

iiscan邀请码5个

TOP

返回列表