0vercl0k / cve-2021-28476 Goto Github PK
View Code? Open in Web Editor NEWPoC for CVE-2021-28476 a guest-to-host "Hyper-V Remote Code Execution Vulnerability" in vmswitch.sys.
License: MIT License
cve-2021-28476's Issues
Diffing your vmswitch files with wrong results
Hi,
i've downloaded your vmswitch files and i diffed both, but i don't have the same results as you:
And if i search for the target function VmsIfrInfoParams_OID_SWITCH_NIC_REQUEST this has not difference
the idbs were created with ida pro 7.5 and they were diffed with bindiff 7
can you tell me if your files are correctly posted or something?
thanks in advance and sorry, i'm a noob yet
Error in loading the driver
I followed the steps but I still get errors, please let me know what you think:
https://freeimage.host/i/HCmYfXj
Thanks.
vmswitch source code missing
vmswitch's source code is missing. (There is no source code in both compressed file)
Can you re-upload the source code?
What should I do to get RCE?
Hello, I was very interested in PoC. Can you tell me how to do RCE? (Sorry for my bad english.)
poc no work for windows server 2012 r2
I inserted fragment code printk(KERN_ALERT "poc: trig vuln VmsIfrInfoParams_OID_SWITCH_NIC_REQUEST") into the rndis_filter.c (in func rndis_trigger_rndisquery before call rndis_filter_send_request()) for loggining. After execute poc,system no state dos,but dmesg output have string "poc: trig vuln VmsIfrInfoParams_OID_SWITCH_NIC_REQUEST"
I tried poc execute for different package updates:
1)
"windows server 2012 r2 installed updates":[ "KB5001382", "KB2999226", "KB2949621", "KB2939471", "KB2938772", "KB2937220", "KB2919355", "KB2919442" ]
2)
"windows server 2012 r2 installed updates":[ "KB5000848", "KB2999226", "KB2949621", "KB2939471", "KB2938772", "KB2937220", "KB2919355", "KB2919442" ]
3)
"windows server 2012 r2 installed updates":[ "KB2999226", "KB2949621", "KB2939471", "KB2938772", "KB2937220", "KB2919355", "KB2919442" ]
4)
"windows server 2012 r2 installed updates":[ "nil" ]
config guest vm hv:
"config":{ "guest hyper-v system":{ "os": ["ubuntu 20.01"] "type vm": ["2(*supported vmbus and hvcalls*)"] "network":[ "external virtual network":{ "SR-IOV":True, "Allow management operation system to share this network adapter":True } ] } }
I took the driver with vmswitch.sys from Windows 2012 r2 server, path: "/ SystemRoot / system32 / drivers / vmswitch.sys" and tried to find symbols
VmsIfrInfoParams_ * using ida. ida did not find symbols
what dependencies and nuances I did not take into account for successful execution poc?
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
๐ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. ๐๐๐
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google โค๏ธ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.