CVE-2021-31166 PoC — HTTP Protocol Stack Remote Code Execution Vulnerability

Source

https://github.com/zha0gongz1/CVE-2021-31166

Associated Vulnerability

Title:HTTP Protocol Stack Remote Code Execution Vulnerability (CVE-2021-31166)
Description:HTTP Protocol Stack Remote Code Execution Vulnerability

Description

PoC for CVE-2021-31166, a remote HTTP.sys use-after-free triggered remotely. Although it was defined as remote command execution, it can only cause the system to crash.

Readme

# CVE-2021-31166

## 0x00.Description
This is a proof of concept for CVE-2021-31166 ("HTTP Protocol Stack Remote Code Execution Vulnerability"), a use-after-free dereference in http.sys patched by Microsoft in May 2021.

*As far as I know, it can only trigger the program to crash, please use it with caution.*

## 0x01.Impact

Windows Server, version 20H2 (Server Core Installation)

Windows 10 Version 20H2 for ARM64-based Systems

Windows 10 Version 20H2 for 32-bit Systems

Windows 10 Version 20H2 for x64-based Systems

Windows Server, version 2004 (Server Core installation)

Windows 10 Version 2004 for x64-based Systems

Windows 10 Version 2004 for ARM64-based Systems

Windows 10 Version 2004 for 32-bit Systems

## 0x02.Reference

[HTTP Protocol Stack Remote Code Execution Vulnerability](https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-31166)

File Snapshot


 [4.0K]  /data/pocs/938bf17b708cedc37ed4d32b567ba35b2e3ac930
├── [ 364]  CVE-2021-31166.py
└── [ 869]  README.md

0 directories, 2 files

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. Local POC snapshots are reserved for subscribers — if the original source is unavailable, the local mirror is part of the paid plan.

View subscription plans →

Goal Reached Thanks to every supporter — we hit 100%!