Windows Elevation

Overview

What's this

This project is mainly used to collect the commonly used exp of Windows platform and give the relevant repair scheme. On the one hand, it is helpful for security researchers to quickly complete the right raising in the process of penetration testing, on the other hand, it is also helpful for the project party to find the unmatched vulnerability patches according to the list to strengthen the security of the system.

Information

CVE ID MS ID KB Operating System
CVE-2003-0352 MS03-026 KB823980 Windows 2003/XP/2000/NT 4.0/Server 2003
CVE-2005-1983 MS05-039 KB899588 Windows 2000/XP SP1/Server 2003
CVE-2006-3439 MS06-040 KB921883 Windows 2000/XP/Server 2003
CVE-2008-1084 MS08-025 KB941693 Windows 2000/XP/Server 2003/Vista SP1/Server 2008
CVE-2008-3464 MS08-066 KB910723 Windows XP/Server 2003
CVE-2008-4037 MS08-068 KB887429 Windows XP/Server 2000/Vista/Server 2008
CVE-2008-4250 MS08-067 KB958644 Windows XP/Vista/Server 2000 2003 2008
CVE-2009-0079 MS09-012 KB956572 Windows XP/Server 2000 2003 2008/Vista
CVE-2009-1535 MS09-020 KB970483 Windows XP/Server 2000 2003
CVE-2009-2532 MS09-050 KB975517 Windows Vista/Server 2008
CVE-2010-0020 MS10-020 KB980232 Windows XP/2000/2003/2008/2008 R2/Vista/7
CVE-2010-0232 MS10-015 KB977165 Windows 2000/XP/2003/Vista/2008/7
CVE-2010-1887 MS10-048 KB2160329 Windows XP/2003/2008/7/Vista
CVE-2010-1899 MS10-065 KB2271195 Windows XP/2003/2008/7/Vista
CVE-2010-2554 MS10-059 KB982799 Window Vista/2008/7
CVE-2010-3338 MS10-092 KB2305420 Windows Vista/7/2008
CVE-2010-4398 MS11-011 KB2393802 Windows XP/Server 2003/Vsita/2008/7
CVE-2011-1249 MS11-046 KB2503665 Windows XP/2003/2008
CVE-2011-1974 MS11-062 KB2566454 Windows XP/2003
CVE-2011-2005 MS11-080 KB2592799 Windows XP/Server 2003
CVE-2012-0002 MS12-020 KB2621440 Winodws XP/2003/2008/Vista/7
CVE-2013-0008 MS13-005 KB2778930 Windows Vista/2008/2012/7/8/RT
CVE-2013-1300 MS13-053 KB2850851 Windows XP/2003/2008/2012/7/8
CVE-2013-1332 MS13-046 KB2829361 Windows XP/2003/2008/2012/7/8/RT
CVE-2013-5065 MS14-002 KB2914368 Windows XP/2003
CVE-2014-1767 MS14-040 KB2961072 Windows XP/2003/2008/2012/7/8/RT/Vista
CVE-2014-2814 MS14-042 KB2972621 Windows Server 2008/2012
CVE-2014-4076 MS14-070 Windows 2003
CVE-2014-4113 MS14-058 KB3000061 Windows 2003/2008/2012/Vista/7/RT
CVE-2014-6321 MS14-066 Windows server 2003/2008/2012/Vista/7
CVE-2014-6324 MS14-068 Windows 2003/2008/2012/Vista/7/8
CVE-2015-0002 MS15-001 Windows 7/8/2008/2012/
CVE-2015-0057 MS15-010 Windows 2003/2008/2012/vista/7/8/RT
CVE-2015-0062 MS15-015 Windows 7/8/2008/2012/RT
CVE-2015-0097 MS15-022 Microsoft Office 2007/2010/2013/RT
CVE-2015-1701 MS15-051 KB3065979 WIndows 2003/2008/2012/Vista/7/8
CVE-2015-1726 MS15-061 WIndows 2003/2008/2012/Vista/7/8
CVE-2015-2370 MS15-076 WIndows 2003/2008/2012/Vista/7/8
CVE-2015-2387 MS15-077 WIndows 2003/2008/2012/Vista/7/8
CVE-2015-2517 MS15-097 KB3081455 Windows 2003/2008/2012/Vista/RT/7/8/10
CVE-2016-0040 MS16-014 KB3135174 Windows 2003/2008/2012/Vista/RT/7/8/10
CVE-2016-0051 MS16-016 KB3135173 Windows 2003/2008/2012/Vista/RT/7/8/10
CVE-2016-0093 MS16-034 KB3140745 Windows 2003/2008/2012/Vista/RT/7/8/10
CVE-2016-0099 MS16-032 KB3140768 Windows 2003/2008/2012/Vista/RT/7/8/10
CVE-2016-3225 MS16-075 KB3163017 Windows 2003/2008/2012/Vista/RT/7/8/10
CVE-2016-3305 MS16-111 KB3185611 Windows 2008/2012/Vista/RT/7/8/10
CVE-2016-3308 MS16-098 KB3176492 Windows 2008/2012/Vista/RT/7/8/10
CVE-2016-7214 MS16-135 KB3198234 Windows Vista/2008/2012/2016/7/8
CVE-2017-0050 MS17-017 KB4011981 Windows Vista/2008/2012/2016/7/8/10
CVE-2017-0143 MS17-010 Windows Vista/2008/2012/2016/7/8/10
CVE-2017-0213 KB4038788 Windows Vista/2008/2012/2016/7/8/10
CVE-2017-8464 KB4022727 Windows Vista/2008/2012/2016/7/8/10
CVE-2018-0833 KB4074594 Windows 8/2012 R2/RT
CVE-2018-8120 KB4103718 Windows 2008/2008 R2/7
CVE-2019-0803 KB4493471 Windows Vista/2008/2012/2016/2019/7/8/10
CVE-2019-0863 KB4494440 Windows 2008/7/8/10
CVE-2019-1253 KB4515384 Windows 10 1903/1709/1803/1703
CVE-2019-1405 KB4525235 Windows 2008/2012/2016/2019/7/8/10
CVE-2020-0668 KB4532693 Windows 2008/2012/2016/2019/7/8/10
CVE-2020-0683 KB4532691 Windows 2008/2012/2016/2019/7/8/10
CVE-2020-0787 KB4541505 Windows 2008/2012/2016/2019/7/8/10
CVE-2020-0796 KB4499165 Windows 10 1909/1903/
CVE-2020-1054 KB4556826 Windows 2008/2012/7/8/10
CVE-2020-1066 KB4552965 Microsoft .NET Framework 3.5.1/3.0
CVE-2020-1337 KB4571694 Windows 2012/7/10
CVE-2020-1362 KB4565503 Windows 10 1903/1809/1607/2004/1709
CVE-2020-1054 KB4556852 Windows 2008/2012/2016/2019/7/8/10
CVE-2020-5272 Druva inSync Windows Client 6.6.3
CVE-2021-1732 KB4601315 Windows 10 1909/1803/Windows Server 2019

Reference

https://github.com/WindowsExploits/Exploits

https://github.com/SecWiki/windows-kernel-exploits

Owner
Al1ex
Al1ex
PrintNightmare - Windows Print Spooler RCE/LPE Vulnerability (CVE-2021-34527, CVE-2021-1675) proof of concept exploits

PrintNightmare - Windows Print Spooler RCE/LPE Vulnerability (CVE-2021-34527, CVE-2021-1675) Summary This is a remote code execution vulnerability tha

Jay K 64 Jun 20, 2022
How to exploit a vulnerable windows driver. Exploit for AsrDrv104.sys

Exploit and Proof of Concept (PoC) for CVE-2020-15368. Asrock repackaged rweverything driver for their RGB controller configuration tool and signed it. They "protect" it by encrypting their ioctls...lol. We found this CVE by accident last summer, and afaik the driver still isn't patched. The impact is of course arbitrary code execution in kernel, etc. So enjoy this "0day" lol.

Stephen Tong 333 Jun 21, 2022
Windows Etw LPE

CVE-2021-34486 Windows Etw LPE olny tested on windwos 20H2 x64 ed2k://|file|cn_windows_10_business_editions_version_20h2_updated_march_2021_x64_dvd_ca

WangTT 42 Apr 24, 2022
vsomeip Library for Windows Msys2 MinGW64

vsomeip-msys2-mingw64 vsomeip Library for Windows Msys2 MinGW64 vsomeip Copyright Copyright (C) 2015-2017, Bayerische Motoren Werke Aktiengesellschaft

null 1 Oct 27, 2021
This tool demonstrates the power of UAC bypasses and built-in features of Windows.

Auto-Elevate This tool demonstrates the power of UAC bypasses and built-in features of Windows. This utility auto-locates winlogon.exe, steals and imp

null 116 Jun 20, 2022
Terrain Analysis Using Digital Elevation Models (TauDEM) software for hydrologic terrain analysis and channel network extraction.

TauDEM (Terrain Analysis Using Digital Elevation Models) is a suite of Digital Elevation Model (DEM) tools for the extraction and analysis of hydrolog

David Tarboton 184 Jun 23, 2022
PoC (DoS) for CVE-2021-40449 - Win32k Elevation of Privilege Vulnerability (LPE)

CallbackHell DoS PoC for CVE-2021-40449 (Win32k - LPE) CallbackHell Description Technical Writeup PoC References Description CVE-2021-40449 is a use-a

Oliver Lyak 406 Jun 21, 2022
Exploit for CVE-2021-40449 - Win32k Elevation of Privilege Vulnerability (LPE)

CallbackHell Exploit for CVE-2021-40449 (Win32k - LPE) CallbackHell Description Technical Writeup PoC References Description CVE-2021-40449 is a use-a

Oliver Lyak 406 Jun 21, 2022
Implements a Windows service (in a DLL) that removes the rounded corners for windows in Windows 11

ep_dwm Implements a Windows service that removes the rounded corners for windows in Windows 11. Tested on Windows 11 build 22000.434. Pre-compiled bin

Valentin-Gabriel Radu 16 Jun 18, 2022
Windows Calculator: A simple yet powerful calculator that ships with Windows

The Windows Calculator app is a modern Windows app written in C++ that ships pre-installed with Windows. The app provides standard, scientific, and programmer calculator functionality, as well as a set of converters between various units of measurement and currencies.

Microsoft 25.2k Jun 30, 2022
The new Windows Terminal and the original Windows console host, all in the same place!

The new Windows Terminal and the original Windows console host, all in the same place!

Microsoft 83.8k Jun 27, 2022
Windows 2000 styled installer for Panther based distributions of Microsoft Windows (WIM files).

An advanced installer for Microsoft Windows that mimics the looks of the Windows XP and older installers. Takes any modern (Vista and newer) Windows ISO or WIM file and creates a old styled Windows Setup experience on the go.

null 2 Mar 17, 2022
Windows kernel information leakage POCs on Windows 10 RS1+

This repository covers various techniques and methods I write while conducting research into infoleaks, these are for leaking various Windows kernel a

null 2 Jun 15, 2022
Some extensions for windows explorer, tested on windows 10+

WindowsExplorerExtension Extensions for windows explorer, tested on windows 10 & windows 11. New Folder Extension What's This A Gnome nautilus inspire

anpho 4 Jan 13, 2022
Defender-control - An open-source windows defender manager. Now you can disable windows defender permanently.

Defender Control Open source windows defender disabler. Now you can disable windows defender permanently! Tested from Windows 10 20H2. Also working on

null 292 Jun 27, 2022
A small self-contained alternative to readline and libedit that supports UTF-8 and Windows and is BSD licensed.

Linenoise Next Generation A small, portable GNU readline replacement for Linux, Windows and MacOS which is capable of handling UTF-8 characters. Unlik

ArangoDB 334 Jun 5, 2022
A readline and libedit replacement that supports UTF-8, syntax highlighting, hints and Windows and is BSD licensed.

Read Evaluate Print Loop ++ A small, portable GNU readline replacement for Linux, Windows and MacOS which is capable of handling UTF-8 characters. Unl

Marcin Konarski 572 Jun 15, 2022
The Hoard Memory Allocator: A Fast, Scalable, and Memory-efficient Malloc for Linux, Windows, and Mac.

The Hoard Memory Allocator Copyright (C) 1998-2020 by Emery Berger The Hoard memory allocator is a fast, scalable, and memory-efficient memory allocat

Emery Berger 891 Jun 27, 2022
WangBin 3.2k Jun 27, 2022
Drogon: A C++14/17 based HTTP web application framework running on Linux/macOS/Unix/Windows

English | 简体中文 | 繁體中文 Overview Drogon is a C++14/17-based HTTP application framework. Drogon can be used to easily build various types of web applicat

An Tao 7.4k Jun 20, 2022
C++ Library Manager for Windows, Linux, and MacOS

Vcpkg: Overview 中文总览 Español 한국어 Français Vcpkg helps you manage C and C++ libraries on Windows, Linux and MacOS. This tool and ecosystem are constant

Microsoft 16k Jun 24, 2022
the checkra1n set of tools targeting bare metal, Linux and Windows

Universal toolchain Low-effort cross-compiling for the masses. What's Universal toolchain? It's a collection of sysroots and shell scripts in such a w

null 62 May 27, 2022
Double weave on high latency add-on for Final Fantasy XIV for Windows PC.

XivAlexander Connection Image Korea to NA DC VPN only Korea to NA DC XivAlexander enabled Korea to Korean DC Direct connection Use XivMitmLatencyMitig

srkizer 447 Jun 21, 2022
UnhookMe is an universal Windows API resolver & unhooker addressing problem of invoking unmonitored system calls from within of your Red Teams malware

UnhookMe - Dynamically unhooking imports resolver In the era of intrusive AVs and EDRs that introduce hot-patches to the running processes for their e

Mariusz B. 265 Jun 26, 2022
Play Doh Windows ACL Tools

PDAcl 是一个支持Windows活动目录扩展权限设置、Windows活动目录常规权限设置、Windows服务权限设置的命令工具。

倾旋 58 Jun 25, 2022
This project aims to facilitate debugging a kernel driver in windows by adding support for a code change on the fly without reboot/unload, and more!

BSOD Survivor Tired of always telling yourself when you got a BSOD that what if I could just return to the caller function which caused the BSOD, and

Ido Westler 142 Jun 20, 2022
Exploit for the RpcEptMapper registry key permissions vulnerability (Windows 7 / 2088R2 / 8 / 2012)

Perfusion On Windows 7, Windows Server 2008R2, Windows 8, and Windows Server 2012, the registry key of the RpcEptMapper and DnsCache (7/2008R2 only) s

Clément Labro 387 Jun 20, 2022
OC EFI Generator for Windows, Coded in C#

Opencore EFI Generator for Windows THIS APP IS NOT READY YET, NO FUNCTIONS OR ANYTHING IS ADDED A Utility to create EFI Folder for Opencore bootloader

GyTch 30 May 12, 2022