exploit the possibilities

Register | Login

FilesNewsUsersAuthors

Home Files News &[SERVICES_TAB]About Contact Add New

Showing 1 - 2 of 2

Files from bee13oy

Microsoft Windows DrawIconEx Local Privilege Escalation

Posted Dec 15, 2020

Authored by timwr, bee13oy, Yoav Alon, Netanel Ben-Simon | Site metasploit.com

This Metasploit module exploits CVE-2020-1054, an out of bounds write reachable from DrawIconEx within win32k. The out of bounds write can be used to overwrite the pvbits of a SURFOBJ. By utilizing this vulnerability to execute controlled writes to kernel memory, an attacker can gain arbitrary code execution as the SYSTEM user. This module has been tested against a fully updated Windows 7 x64 SP1. Offsets within the exploit code may need to be adjusted to work with other versions of Windows.

tags | exploit, arbitrary, kernel, code execution

systems | windows

advisories | CVE-2020-1054

SHA-256 | 868acae66ad56703c17e3c65ef2f0fd90bad10c8ec6f9816219080fe42106f93

Download | Favorite | View

Avast aswSnx.sys Kernel Driver 11.1.2253 Memory Corruption

Posted Jun 16, 2017

Authored by bee13oy

Avast aswSnx.sys kernel driver version 11.1.2253 suffers from a memory corruption vulnerability that allows for privilege escalation.

tags | exploit, kernel

SHA-256 | 4b059cb64fa6ab746c74284f0a93779fa8c1cf348195a1d979385aa00b69e1c1

Download | Favorite | View