7 matches found
Microsoft Windows - NTUserMessageCall Win32k Kernel Pool Overflow 'schlamperei.x86.dll' (MS13-053) (Metasploit)
This module requires Metasploit: http//metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' require 'msf/core/post/windows/reflectivedllinjection' require 'rex' class Metasploit3 'Windows NTUserMessageCall Win32k Kernel Pool Overflow...
Windows NTUserMessageCall Win32k Kernel Pool Overflow (Schlamperei)
This module requires Metasploit: http//metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' require 'msf/core/post/windows/reflectivedllinjection' require 'rex' class Metasploit3 'Windows NTUserMessageCall Win32k Kernel Pool Overflow...
Windows NTUserMessageCall Win32k Kernel Pool Overflow (Schlamperei)
This module leverages a kernel pool overflow in Win32k which allows local privilege escalation. The kernel shellcode nulls the ACL for the winlogon.exe process (a SYSTEM process). This allows any unprivileged process to freely migrate to winlogon.exe, achieving privilege escalation. This exploit wa...
Win32k Memory Allocation Vulnerability(MS13-053)
No description provided by source. / more details: https://labs.mwrinfosecurity.com/blog/2013/09/06/mwr-labs-pwn2own-2013-write-up-kernel-exploit/ this poc is written by 0xBigBan / include windows.h define NtUserMessageCall 0x11ea //on win7 sp1 x86 void SystemCallDWORD ApiNumber, ... asm lea edx,...
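Microsoft Windows Kernel 'Win32k.sys' Local Privilege Escalation Vulnerability (CVE-2013-1340) (MS13-053)
BUGTRAQ ID: 60947 CVE(CAN) ID: CVE-2013-1340 Microsoft Windows is a series of operating systems released by Microsoft. A privilege escalation vulnerability exists in the way the Windows kernel-mode driver improperly handles objects in memory. An attacker who successfully exploits this vulnerability could execute arbitrary code with elevated privileges. 0 Microsoft Windows Windows XP Service Pack 3 Microsoft Windows Windows Vista x64 Edition Serv Microsoft Windows Windows Vista Service Pack 2 Microso...
Microsoft Windows Kernel 'Win32k.sys' Local Privilege Escalation Vulnerability (CVE-2013-1300) (MS13-053)
BUGTRAQ ID: 60946 CVE(CAN) ID: CVE-2013-1300 Microsoft Windows is a series of operating systems released by Microsoft. The Windows kernel-mode driver improperly handles objects in memory, resulting in a privilege escalation vulnerability. An attacker who successfully exploits this vulnerability could execute arbitrary code with elevated privileges. 0 Microsoft Windows Windows XP Service Pack 3 Microsoft Windows Windows Vista x64 Edition Serv Microsoft Windows Windows Vista Service Pack 2 Microsoft...
Microsoft Windows Kernel 'Win32k.sys' Local Privilege Escalation Vulnerability (CVE-2013-1345)
BUGTRAQ ID: 60948 CVE(CAN) ID: CVE-2013-1345 Microsoft Windows is a series of operating systems released by Microsoft. A privilege escalation vulnerability exists in the way the Windows kernel-mode driver improperly handles objects in memory. An attacker who successfully exploits this vulnerability could execute arbitrary code with elevated privileges. 0 Microsoft Windows Windows XP Service Pack 3 Microsoft Windows Windows Vista x64 Edition Serv Microsoft Windows Windows Vista Service Pack 2 Microso...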