Microsoft Windows 8.1 (x64) – RGNOBJ Integer Overflow (MS16-098) (2)

Exploit Database
38 阅读

作者： SensePost

日期： 2017-08-08
类别：
- local
平台：
- windows_x86-64
来源：https://www.exploit-db.com/exploits/42435/

Sources:
- https://github.com/sensepost/gdi-palettes-exp
- https://sensepost.com/blog/2017/abusing-gdi-objects-for-ring0-primitives-revolution/

Windows 7 SP1 x86 exploit presented at DEF CON 25 involving the abuse of a newly discovered GDI object abuse technique. 

DC25 5A1F - Demystifying Windows Kernel Exploitation by Abusing GDI Objects 

- https://www.defcon.org/html/defcon-25/dc-25-speakers.html#El-Sherei 
- https://media.defcon.org/DEF%20CON%2025/DEF%20CON%2025%20presentations/5A1F/


Proof of Concept:
https://gitlab.com/exploit-database/exploitdb-bin-sploits/-/raw/main/bin-sploits/42435.zip

last Exploits
Microsoft Windows 8.1 (x64) – RGNOBJ Integer Overflow (MS16-098) (2)的更多信息

CorelDRAW X3 13.0.0.576 – ‘crlrib.dll’ DLL Hijacking：
Snes9K 0.0.9z – Buffer Overflow (SEH)：
InterVideo WinDVD 5 – ‘cpqdvd.dll’ DLL Hijacking：
Snes9K 0.09z – ‘Port Number’ Buffer Overflow (SEH)：
Mini-stream RM-MP3 Converter 3.1.2.2 – Local Buffer Overflow：
NRSS Reader 0.3.9 – Local Stack Overflow：
Firejail < 0.9.44.4 / < 0.9.38.8 LTS - Local Sandbox Escape：
Linux Kernel 4.4 – ‘rtnetlink’ Stack Memory Disclosure：