CVE-2019-1388 PoC — Microsoft Windows Certificate Dialog 安全漏洞

Source

https://github.com/nobodyatall648/CVE-2019-1388

Associated Vulnerability

Title:Microsoft Windows Certificate Dialog 安全漏洞 (CVE-2019-1388)
Description:An elevation of privilege vulnerability exists in the Windows Certificate Dialog when it does not properly enforce user privileges, aka 'Windows Certificate Dialog Elevation of Privilege Vulnerability'.

Description

CVE-2019-1388  Abuse UAC Windows Certificate Dialog

Readme

# CVE-2019-1388 
 
 ## CVE-2019-1388  Abuse UAC Windows Certificate Dialog

Description: 

This CVE exploit tend to abuse the UAC windows Certificate Dialog to execute the certificate issuer link as an NT Authority User and open a browser that is under NT Authority User. Then we can use that to prompt a shell as a NT Authority User.

Steps:
 ```
 1) find a program that can trigger the UAC prompt screen

 2) select "Show more details"

 3) select "Show information about the publisher's certificate"

 4) click on the "Issued by" URL link it will prompt a browser interface.

 5) wait for the site to be fully loaded & select "save as" to prompt a explorer window for "save as".

 6) on the explorer window address path, enter the cmd.exe full path:
 C:\WINDOWS\system32\cmd.exe

 7) now you'll have an escalated privileges command prompt. 
 ```

 Video PoC: https://www.youtube.com/watch?v=RW5l6dQ8H-8

File Snapshot


 [4.0K]  /data/pocs/faa3aa7f968815573121bfab77ea63bf95ef4a74
└── [ 906]  README.md

0 directories, 1 file

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. Local POC snapshots are reserved for subscribers — if the original source is unavailable, the local mirror is part of the paid plan.

View subscription plans →

Goal Reached Thanks to every supporter — we hit 100%!