mirror of
https://github.com/0xMarcio/cve.git
synced 2025-06-19 17:30:12 +00:00
107 lines
4.9 KiB
Markdown
107 lines
4.9 KiB
Markdown
|
### [CVE-2014-4113](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4113)
|
||
|
|
|
||
|
|
|
||
|
|
|
||
|
|
|
||
|
|
### Description
|
||
|
|
|
||
|
|
win32k.sys in the kernel-mode drivers in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows local users to gain privileges via a crafted application, as exploited in the wild in October 2014, aka "Win32k.sys Elevation of Privilege Vulnerability."
|
||
|
|
|
||
|
|
### POC
|
||
|
|
|
||
|
|
#### Reference
|
||
|
|
- http://packetstormsecurity.com/files/131964/Windows-8.0-8.1-x64-TrackPopupMenu-Privilege-Escalation.html
|
||
|
|
- https://www.exploit-db.com/exploits/37064/
|
||
|
|
- https://www.exploit-db.com/exploits/39666/
|
||
|
|
|
||
|
|
#### Github
|
||
|
|
- https://github.com/0xMrNiko/Awesome-Red-Teaming
|
||
|
|
- https://github.com/0xMrNiko/Cobalt-Strike-Cheat-Sheet
|
||
|
|
- https://github.com/0xcyberpj/windows-exploitation
|
||
|
|
- https://github.com/0xpetros/windows-privilage-escalation
|
||
|
|
- https://github.com/1o24er/RedTeam
|
||
|
|
- https://github.com/ARPSyndicate/cvemon
|
||
|
|
- https://github.com/Al1ex/APT-GUID
|
||
|
|
- https://github.com/Al1ex/Red-Team
|
||
|
|
- https://github.com/Al1ex/WindowsElevation
|
||
|
|
- https://github.com/Apri1y/Red-Team-links
|
||
|
|
- https://github.com/Ascotbe/Kernelhub
|
||
|
|
- https://github.com/B2AHEX/cveXXXX
|
||
|
|
- https://github.com/BLACKHAT-SSG/EXP-401-OSEE
|
||
|
|
- https://github.com/ByteHackr/WindowsExploitation
|
||
|
|
- https://github.com/CVEDB/PoC-List
|
||
|
|
- https://github.com/CVEDB/awesome-cve-repo
|
||
|
|
- https://github.com/CVEDB/top
|
||
|
|
- https://github.com/CrackerCat/Kernel-Security-Development
|
||
|
|
- https://github.com/Echocipher/Resource-list
|
||
|
|
- https://github.com/ExpLife0011/awesome-windows-kernel-security-development
|
||
|
|
- https://github.com/FULLSHADE/WindowsExploitationResources
|
||
|
|
- https://github.com/Flerov/WindowsExploitDev
|
||
|
|
- https://github.com/GhostTroops/TOP
|
||
|
|
- https://github.com/HacTF/poc--exp
|
||
|
|
- https://github.com/HackOvert/awesome-bugs
|
||
|
|
- https://github.com/JERRY123S/all-poc
|
||
|
|
- https://github.com/LegendSaber/exp
|
||
|
|
- https://github.com/NitroA/windowsexpoitationresources
|
||
|
|
- https://github.com/NullArray/WinKernel-Resources
|
||
|
|
- https://github.com/Ondrik8/RED-Team
|
||
|
|
- https://github.com/Ondrik8/exploit
|
||
|
|
- https://github.com/Ostorlab/KEV
|
||
|
|
- https://github.com/Ostorlab/known_exploited_vulnerbilities_detectors
|
||
|
|
- https://github.com/PwnAwan/EXP-401-OSEE
|
||
|
|
- https://github.com/TamilHackz/windows-exploitation
|
||
|
|
- https://github.com/ThunderJie/CVE
|
||
|
|
- https://github.com/avboy1337/cveXXXX
|
||
|
|
- https://github.com/bb33bb/cveXXXX
|
||
|
|
- https://github.com/clxsh/WindowsSecurityLearning
|
||
|
|
- https://github.com/cranelab/exploit-development
|
||
|
|
- https://github.com/cyberanand1337x/bug-bounty-2022
|
||
|
|
- https://github.com/dk47os3r/hongduiziliao
|
||
|
|
- https://github.com/fei9747/WindowsElevation
|
||
|
|
- https://github.com/gaearrow/windows-lpe-lite
|
||
|
|
- https://github.com/h3ll0clar1c3/CRTO
|
||
|
|
- https://github.com/hasee2018/Safety-net-information
|
||
|
|
- https://github.com/hktalent/TOP
|
||
|
|
- https://github.com/howknows/awesome-windows-security-development
|
||
|
|
- https://github.com/hudunkey/Red-Team-links
|
||
|
|
- https://github.com/jbmihoub/all-poc
|
||
|
|
- https://github.com/john-80/-007
|
||
|
|
- https://github.com/johnjohnsp1/CVE-2014-4113
|
||
|
|
- https://github.com/jqsl2012/TopNews
|
||
|
|
- https://github.com/k0mi-tg/CRTO-Note
|
||
|
|
- https://github.com/k0mi-tg/CRTO-Notes
|
||
|
|
- https://github.com/landscape2024/RedTeam
|
||
|
|
- https://github.com/liuhe3647/Windows
|
||
|
|
- https://github.com/livein/TopNews
|
||
|
|
- https://github.com/lp008/Hack-readme
|
||
|
|
- https://github.com/lyshark/Windows-exploits
|
||
|
|
- https://github.com/m0ox/CRTO-Note
|
||
|
|
- https://github.com/manas3c/CRTO-Notes
|
||
|
|
- https://github.com/mjutsu/CRTO-Note
|
||
|
|
- https://github.com/nitishbadole/oscp-note-2
|
||
|
|
- https://github.com/nobiusmallyu/kehai
|
||
|
|
- https://github.com/nsxz/Exploit-CVE-2014-4113
|
||
|
|
- https://github.com/oxmanasse/CRTO-Note
|
||
|
|
- https://github.com/paulveillard/cybersecurity-exploit-development
|
||
|
|
- https://github.com/paulveillard/cybersecurity-windows-exploitation
|
||
|
|
- https://github.com/pr0code/https-github.com-ExpLife0011-awesome-windows-kernel-security-development
|
||
|
|
- https://github.com/pravinsrc/NOTES-windows-kernel-links
|
||
|
|
- https://github.com/r3p3r/nixawk-awesome-windows-exploitation
|
||
|
|
- https://github.com/rhamaa/Binary-exploit-writeups
|
||
|
|
- https://github.com/rmsbpro/rmsbpro
|
||
|
|
- https://github.com/sailay1996/awe-win-expx
|
||
|
|
- https://github.com/sam-b/CVE-2014-4113
|
||
|
|
- https://github.com/sathwikch/windows-exploitation
|
||
|
|
- https://github.com/sg1965/CRTO-Note
|
||
|
|
- https://github.com/slimdaddy/RedTeam
|
||
|
|
- https://github.com/svbjdbk123/-
|
||
|
|
- https://github.com/timip/OSEE
|
||
|
|
- https://github.com/twensoo/PersistentThreat
|
||
|
|
- https://github.com/wateroot/poc-exp
|
||
|
|
- https://github.com/weeka10/-hktalent-TOP
|
||
|
|
- https://github.com/wikiZ/cve-2014-4113
|
||
|
|
- https://github.com/xiaoZ-hc/redtool
|
||
|
|
- https://github.com/ycdxsb/WindowsPrivilegeEscalation
|
||
|
|
- https://github.com/yut0u/RedTeam-BlackBox
|
||
|
|
|