GitHub - digital-missiles/CVE-2019-0708-PoC-Hitting-Path: It's only hitt...
source link: https://github.com/digital-missiles/CVE-2019-0708-PoC-Hitting-Path
README.md
CVE-2019-0708-PoC-Hitting-Path
Really Really Bad, don't judge this code hahaha (it's terrible)
It's only hitting the vulnerable path in termdd.sys!!! NOT DoS.
Tested only on Windows XP SP3 x86. Windows 7 will probably need the negotiation part, so it won't work there (I hope that it works at all).
Maybe it will be useful for exploit development.
TO DO - I think that somebody will post a PoC before I do it xD
- Make code more flexible (calculating lengths of packets (ASN.1) is mostly hardcoded and it's working for almost only one case)
- Make negotiation part for Windows 7: https://code.acr.moe/kazari/rdp-replay/blob/6339ef8e88d0ee101b533fab9230ad3b73b5870c/libfree_rdp/libfreerdp-core/nego.h
- Add support for other keys; now it only supports 128-bit RC4 non-FIPS
- Code refactoring