Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2017-0213 PoC — Microsoft Windows COM 权限许可和访问控制问题漏洞

Source
https://github.com/eonrickity/CVE-2017-0213
Associated Vulnerability
Title:Microsoft Windows COM 权限许可和访问控制问题漏洞 (CVE-2017-0213)
Description:Windows COM Aggregate Marshaler in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows an elevation privilege vulnerability when an attacker runs a specially crafted application, aka "Windows COM Elevation of Privilege Vulnerability". This CVE ID is unique from CVE-2017-0214.
Description
Fixed No Virus Manual Automatic Loader exe no zip because zip picks up the anti virus detector.
Readme
# CVE-2017-0213: Windows COM Elevation of Privilege Vulnerability

## Description

**Author:** Google Security Research

**CVE:** 2017-0213

**EDB-ID:** 42020

**References:** [Project-Zero](https://bugs.chromium.org/p/project-zero/issues/detail?id=1107) [Microsoft](https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0213) [Exploit-Database](https://www.exploit-db.com/exploits/42020/)

**Video:** [Youtube](https://youtu.be/6naFH9MQHy8)




## Affected Products

| Product             | Version | Update | Build | Tested |
| :------------------ | :------ | :----- | :---- | :----- |
| Windows 10          | 1511    |        | 10586 | √      |
| Windows 10          | 1607    |        | 14393 | √      |
| Windows 10          | 1703    |        | 15063 | √      |
| Windows 7           |         | SP1    |       | √      |
| Windows 8.1         |         |        |       |        |
| Windows RT 8.1      |         |        |       |        |
| Windows Server 2008 |         | SP2    |       |        |
| Windows Server 2008 | R2      | SP1    |       |        |
| Windows Server 2012 |         |        |       |        |
| Windows Server 2012 | R2      |        |       |        |
| Windows Server 2016 |         |        |       |        |

## Exploits

**x86 Exe:** [Download](https://github.com/Rylie7021/CVE-2017-0213/blob/master/CVE-2017-0213_x86.exe)

SHA256: 67824ca4b91897a8b2cb5cea916fa0ded010355f57110c2c50e9787324199949

**x64 Exe:** [Download](https://github.com/Rylie7021/CVE-2017-0213/blob/master/CVE-2017-0213_x64.exe)

SHA256: 64f8c52433718c83a7818b1c22c6d60bcc06d0a72b6582f7e5da5f02acfa8987


**x86 Zip:** [Download](https://github.com/WindowsExploits/Exploits/raw/master/CVE-2017-0213/Binaries/CVE-2017-0213_x86.zip)

SHA256: 67824ca4b91897a8b2cb5cea916fa0ded010355f57110c2c50e9787324199949

**x64 Zip:** [Download](https://github.com/WindowsExploits/Exploits/raw/master/CVE-2017-0213/Binaries/CVE-2017-0213_x64.zip)

SHA256: 64f8c52433718c83a7818b1c22c6d60bcc06d0a72b6582f7e5da5f02acfa8987
File Snapshot

 [4.0K]  /data/pocs/763754ba6bb855ee445b8f167f9304e1b57c7ac3
├── [201K]  CVE-2017-0213_x64 Antivirus Bypassed.rar
├── [157K]  CVE-2017-0213_x64.exe
├── [132K]  CVE-2017-0213_x86.exe
└── [2.0K]  README.md

0 directories, 4 files
Shenlong Bot has cached this for you
Remarks
    1. It is advised to access via the original source first.
    2. Local POC snapshots are reserved for subscribers — if the original source is unavailable, the local mirror is part of the paid plan.
    3. Mirroring, verifying, and maintaining this POC archive takes ongoing effort, so local snapshots are a paid feature. Your subscription keeps the archive online — thank you for the support. View subscription plans →