Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2020-0668 PoC — Microsoft Windows Kernel 安全漏洞

Source
https://github.com/modulexcite/SysTracingPoc
Associated Vulnerability
Title:Microsoft Windows Kernel 安全漏洞 (CVE-2020-0668)
Description:An elevation of privilege vulnerability exists in the way that the Windows Kernel handles objects in memory, aka 'Windows Kernel Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0669, CVE-2020-0670, CVE-2020-0671, CVE-2020-0672.
Description
CVE-2020-0668 - Microsoft Windows Service Tracing Arbitrary File Move Local Privilege Escalation Vulnerability
Readme
# SysTracingPoc

CVE-2020-0668 - Microsoft Windows Service Tracing Arbitrary File Move Local Privilege Escalation Vulnerability

For more information: https://itm4n.github.io/cve-2020-0668-windows-service-tracing-eop/
File Snapshot

 [4.0K]  /data/pocs/6dc9cf579735be224d813722294b9f99ad70ff7d
├── [4.0K]  CommonUtils
│   ├── [3.5K]  CommonUtils.cpp
│   ├── [1023]  CommonUtils.h
│   ├── [4.8K]  CommonUtils.vcxproj
│   ├── [2.6K]  CommonUtils.vcxproj.filters
│   ├── [1.9K]  DirectoryObject.cpp
│   ├── [4.3K]  FileOpLock.cpp
│   ├── [ 753]  FileOpLock.h
│   ├── [4.7K]  FileSymlink.cpp
│   ├── [ 562]  FileSymlink.h
│   ├── [1.6K]  Hardlink.cpp
│   ├── [1.9K]  NativeSymlink.cpp
│   ├── [2.2K]  ntimports.h
│   ├── [5.0K]  RegistrySymlink.cpp
│   ├── [ 13K]  ReparsePoint.cpp
│   ├── [1.2K]  ReparsePoint.h
│   ├── [1.7K]  ScopedHandle.cpp
│   ├── [ 473]  ScopedHandle.h
│   ├── [ 290]  stdafx.cpp
│   ├── [ 260]  stdafx.h
│   ├── [ 306]  targetver.h
│   └── [1.3K]  typed_buffer.h
├── [ 218]  README.md
├── [4.0K]  SysTracing
│   ├── [ 19K]  Exploit.cpp
│   ├── [1.1K]  Exploit.h
│   ├── [7.7K]  SysTracing.vcxproj
│   ├── [1.3K]  SysTracing.vcxproj.filters
│   ├── [3.7K]  Utils.cpp
│   └── [ 238]  Utils.h
├── [4.0K]  SysTracingExploit
│   ├── [4.0K]  Resource
│   │   ├── [ 88K]  WindowsCoreDeviceInfo_x64.dll
│   │   └── [ 74K]  WindowsCoreDeviceInfo_x86.dll
│   ├── [ 485]  resource.h
│   ├── [5.7K]  SysTracingExploit.cpp
│   ├── [3.2K]  SysTracingExploit.rc
│   ├── [8.3K]  SysTracingExploit.vcxproj
│   └── [1.4K]  SysTracingExploit.vcxproj.filters
├── [4.0K]  SysTracingPoc
│   ├── [ 251]  pch.cpp
│   ├── [  66]  pch.h
│   ├── [1.9K]  SysTracingPoc.cpp
│   ├── [8.5K]  SysTracingPoc.vcxproj
│   └── [1.2K]  SysTracingPoc.vcxproj.filters
├── [5.1K]  SysTracingPoc.sln
├── [4.0K]  UsoDllLoader
│   ├── [ 207]  BindShell.h
│   ├── [2.8K]  MiniUsoClient.cpp
│   ├── [ 13K]  MiniUsoClient.h
│   ├── [4.0K]  TcpClient.cpp
│   ├── [ 333]  TcpClient.h
│   ├── [1.2K]  UsoDllLoader.cpp
│   ├── [7.6K]  UsoDllLoader.vcxproj
│   └── [1.4K]  UsoDllLoader.vcxproj.filters
└── [4.0K]  WindowsCoreDeviceInfo
    ├── [1.2K]  BindShell.cpp
    ├── [ 104]  BindShell.h
    ├── [ 979]  WindowsCoreDeviceInfo.cpp
    ├── [  94]  WindowsCoreDeviceInfo.def
    ├── [7.9K]  WindowsCoreDeviceInfo.vcxproj
    └── [1.3K]  WindowsCoreDeviceInfo.vcxproj.filters

7 directories, 55 files
Shenlong Bot has cached this for you
Remarks
    1. It is advised to access via the original source first.
    2. Local POC snapshots are reserved for subscribers — if the original source is unavailable, the local mirror is part of the paid plan.
    3. Mirroring, verifying, and maintaining this POC archive takes ongoing effort, so local snapshots are a paid feature. Your subscription keeps the archive online — thank you for the support. View subscription plans →