Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2020-0668 PoC — Microsoft Windows Kernel 安全漏洞

Source
https://github.com/Nan3r/CVE-2020-0668
Associated Vulnerability
Title:Microsoft Windows Kernel 安全漏洞 (CVE-2020-0668)
Description:An elevation of privilege vulnerability exists in the way that the Windows Kernel handles objects in memory, aka 'Windows Kernel Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0669, CVE-2020-0670, CVE-2020-0671, CVE-2020-0672.
Description
CVE-2020-0668
Readme
# CVE-2020-0668

powershell 实现,利用[printconfig.dll](https://github.com/Nan3r/writedacl2system/tree/master/printconfig.dll)来提权

[evil dll](https://github.com/Nan3r/dll/tree/master/common%20dll/run_programdata_setup.bat)可以自己定义,我这里的dll会执行c:\programdata\setup.bat文件


## Reference:

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0668

https://itm4n.github.io/cve-2020-0668-windows-service-tracing-eop



## TODO:

​	1.利用RASPLAP服务提权  https://github.com/NotGlop/SysExec/blob/master/source/SysExec.cpp 

​	2.利用RASMAN服务提权
File Snapshot

 [4.0K]  /data/pocs/1795e07ff900f4f6edc2f4c1fb92ab16118f4ab3
├── [ 27K]  CVE-2020-0668.ps1
├── [1.1M]  NtApiDotNet.dll
├── [201K]  poc.png
└── [ 621]  README.md

0 directories, 4 files
Shenlong Bot has cached this for you
Remarks
    1. It is advised to access via the original source first.
    2. Local POC snapshots are reserved for subscribers — if the original source is unavailable, the local mirror is part of the paid plan.
    3. Mirroring, verifying, and maintaining this POC archive takes ongoing effort, so local snapshots are a paid feature. Your subscription keeps the archive online — thank you for the support. View subscription plans →