CVE-2020-0668 PoC — Microsoft Windows Kernel Security Vulnerability

Source
Associated Vulnerability
Title: Microsoft Windows Kernel Security Vulnerability (CVE-2020-0668)
Description: An elevation of privilege vulnerability exists in the way that the Windows Kernel handles objects in memory, aka 'Windows Kernel Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0669, CVE-2020-0670, CVE-2020-0671, CVE-2020-0672.
Description
Use CVE-2020-0668 to perform an arbitrary privileged file move operation.
Readme
# CVE-2020-0668
Use CVE-2020-0668 to perform an arbitrary privileged file move operation.

Use https://github.com/itm4n/UsoDllLoader (Windows >= 1903) OR https://github.com/xct/diaghub (Windows < 1903) for privilege escalation.

# Demo
![Demo](poc.png)

# Links & Resources
- https://itm4n.github.io/cve-2020-0668-windows-service-tracing-eop/
- https://itm4n.github.io/usodllloader-part1/
- https://itm4n.github.io/usodllloader-part2/
- https://googleprojectzero.blogspot.com/2018/04/windows-exploitation-tricks-exploiting.html
File Snapshot

[4.0K] /data/pocs/e74d6d269736a8dd5a2e2e9239f6548ee919c7b0
├── [ 184] App.config
├── [3.0K] CVE-2020-0668.csproj
├── [1.1K] CVE-2020-0668.sln
├── [ 137] packages.config
├── [330K] poc.png
├── [4.1K] Program.cs
├── [4.0K] Properties
│   ├── [1.4K] AssemblyInfo.cs
│   ├── [3.8K] Resources.Designer.cs
│   └── [5.9K] Resources.resx
├── [ 526] README.md
└── [4.0K] Resources
    └── [1.8K] phonebook.txt

2 directories, 11 files