CVE-2015-1701 PoC — Microsoft Windows Win32k 特权提升漏洞

Source

https://github.com/hfiref0x/CVE-2015-1701

Associated Vulnerability

Title:Microsoft Windows Win32k 特权提升漏洞 (CVE-2015-1701)
Description:Win32k.sys in the kernel-mode drivers in Microsoft Windows Server 2003 SP2, Vista SP2, and Server 2008 SP2 allows local users to gain privileges via a crafted application, as exploited in the wild in April 2015, aka "Win32k Elevation of Privilege Vulnerability."

Description

Win32k LPE vulnerability used in APT attack

Readme

# CVE-2015-1701
## Win32k Elevation of Privilege Vulnerability.

Original info https://www.fireeye.com/blog/threat-research/2015/04/probable_apt28_useo.html

# Protection

Apply MS15-051 for fix.
https://technet.microsoft.com/library/security/MS15-051


# Authors

(c) 2015 CVE-2015-1701 Project

# Credits

R136a1

File Snapshot


 [4.0K]  /data/pocs/aa64f60e32b5bcfb72e84ce7079f25018c14f0ad
├── [4.0K]  Compiled
│   ├── [5.5K]  Taihou32.exe
│   └── [6.0K]  Taihou64.exe
├── [1.0K]  CVE-2015-1701.sha256
├── [1.3K]  LICENSE.md
├── [ 314]  README.md
└── [4.0K]  Source
    ├── [4.0K]  Taihou
    │   ├── [9.8K]  main.c
    │   ├── [4.0K]  minirtl
    │   │   ├── [3.8K]  minirtl.h
    │   │   ├── [ 781]  rtltypes.h
    │   │   ├── [ 459]  _strcat.c
    │   │   └── [ 496]  _strcpy.c
    │   ├── [102K]  ntos.h
    │   ├── [8.5K]  Taihou.vcxproj
    │   └── [1.4K]  Taihou.vcxproj.filters
    └── [1.3K]  Taihou.sln

4 directories, 14 files

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. Local POC snapshots are reserved for subscribers — if the original source is unavailable, the local mirror is part of the paid plan.

View subscription plans →

Goal Reached Thanks to every supporter — we hit 100%!