Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1310 CNY

100%
Buy Us a Coffee

CVE-2023-21768 PoC — Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability

Source
https://github.com/zoemurmure/CVE-2023-21768-AFD-for-WinSock-EoP-exploit
Associated Vulnerability
Title:Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability (CVE-2023-21768)
Description:Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability
Readme
# CVE-2023-21768-AFD-for-WinSock-EoP-exploit

分析文章在这里:

https://mp.weixin.qq.com/s/9W9puJltbK-xto2A1duqgQ

https://www.zoemurmure.top/posts/cve_2023_21768/

根据 [Patch Tuesday -> Exploit Wednesday: Pwning Windows Ancillary Function Driver for WinSock (afd.sys) in 24 Hours](https://securityintelligence.com/posts/patch-tuesday-exploit-wednesday-pwning-windows-ancillary-function-driver-winsock/) 自己编写出来的,添加了提权后的 cleanup 代码,可成功实现提权。测试平台:Windows 11 22621.963 Windows Feature Experience Pack 1000.22638.1000.0

运行截图:

![screenshot-20230420-163108](https://user-images.githubusercontent.com/43516782/233308029-b26fa71a-2eee-4f8e-88d1-3d1852355d6b.png)


提权成功:

![screenshot-20230420-163018](https://user-images.githubusercontent.com/43516782/233307633-064f6b7e-5fe3-4e86-98d6-08b65ecbc3cd.png)
File Snapshot

Log in to view the POC file snapshot cached by Shenlong Bot

Log in to view
Remarks
    1. It is advised to access via the original source first.
    2. Local POC snapshots are reserved for subscribers — if the original source is unavailable, the local mirror is part of the paid plan.
    3. Mirroring, verifying, and maintaining this POC archive takes ongoing effort, so local snapshots are a paid feature. Your subscription keeps the archive online — thank you for the support. View subscription plans →