Adding several missing CVEs and their exploits
ycdxsb opened this issue · 6 comments
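Hello, I compared the 2019-2021 exploits already in Kernel Hub with the exploits I crawled, and found that the following win32k exploits are missing. The corresponding CVE descriptions and exploit links are as follows: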
CVE-2020-1054
An elevation of privilege vulnerability exists in Windows when the Windows kernel-mode driver fails to properly handle objects in memory, aka 'Win32k Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-1143.
- https://github.com/0xeb-bp/cve-2020-1054
- https://github.com/Iamgublin/CVE-2020-1054
- https://github.com/Graham382/CVE-2020-1054
CVE-2020-1034
An elevation of privilege vulnerability exists in the way that the Windows Kernel handles objects in memory, aka 'Windows Kernel Elevation of Privilege Vulnerability'.
CVE-2020-0668
An elevation of privilege vulnerability exists in the way that the Windows Kernel handles objects in memory, aka 'Windows Kernel Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0669, CVE-2020-0670, CVE-2020-0671, CVE-2020-0672.
CVE-2019-1132
An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory, aka 'Win32k Elevation of Privilege Vulnerability'.
CVE-2019-0808
An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory, aka 'Win32k Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-0797.
CVE-2019-0623
An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory, aka 'Win32k Elevation of Privilege Vulnerability'.
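OK, thank you for your interest and for the exploits you provided :thumbsup: I'll add them once HVV is over.
CVE-2019-1132 failed testing on both Windows 7 SP1 x86/x64 and Windows 7 x86/x64
CVE-2020-1034 fails to compile
CVE-2020-0668 pending testing
CVE-2019-0623 tested successfully
CVE-2019-0808 tested successfully
CVE-2020-1054 tested successfully
OK, thank you for the trouble~
Do you have any other PoCs on your side? Those two could still be salvaged.
I sent an email to your Google mailbox yesterday containing the Windows privilege escalation vulnerabilities I compiled, with PoCs and exploits distinguished. While compiling them I also found some CVEs that KernelHub is missing; you can take a look. The email attachment can be downloaded here: https://github.com/ycdxsb/WindowsPrivilegeEscalation/releases/download/20210429/README.pdf
OK, please check your email.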