Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2015-5736 PoC — Fortinet FortiClient 权限许可和访问控制漏洞

Source
https://github.com/avielzecharia/CVE-2015-5736
Associated Vulnerability
Title:Fortinet FortiClient 权限许可和访问控制漏洞 (CVE-2015-5736)
Description:The Fortishield.sys driver in Fortinet FortiClient before 5.2.4 allows local users to execute arbitrary code with kernel privileges by setting the callback function in a (1) 0x220024 or (2) 0x220028 ioctl call.
Description
PoC for CVE-2015-5736
Readme
# CVE-2015-5736
PoC for CVE-2015-5736 for educational purposes only.
File Snapshot

 [4.0K]  /data/pocs/b925a6a9720182ebf9355d19a3c8c824c4d0f9c6
├── [4.0K]  binaries
│   ├── [ 57K]  FortiShield.sys
│   ├── [1.5M]  FortiShield.sys.i64
│   ├── [553K]  hal.dll
│   └── [9.2M]  ntoskrnl.exe
├── [  69]  README.md
├── [4.0K]  rp-win
│   ├── [ 35K]  Forti_va0_3.txt
│   ├── [339K]  hal_va0_3.txt
│   ├── [4.9M]  ntos3.txt
│   ├── [4.6M]  ntos3_va0.txt
│   ├── [ 25M]  ntos4_va0.txt
│   ├── [3.2M]  rp-win.exe
│   └── [ 22M]  rp-win.pdb
└── [4.0K]  src
    ├── [ 12K]  Common1.cpp
    ├── [ 11K]  Common1.h
    ├── [ 13K]  Common.c
    ├── [ 11K]  Common.h
    └── [9.3K]  CVE-2015-5736.cpp

3 directories, 17 files
Shenlong Bot has cached this for you
Remarks
    1. It is advised to access via the original source first.
    2. Local POC snapshots are reserved for subscribers — if the original source is unavailable, the local mirror is part of the paid plan.
    3. Mirroring, verifying, and maintaining this POC archive takes ongoing effort, so local snapshots are a paid feature. Your subscription keeps the archive online — thank you for the support. View subscription plans →