Wh04m1001/CVE-2023-36874

Stars
223
Rank 178,458 (Top 4 %)
Language
C++
Created over 1 year ago
Updated over 1 year ago

Wh04m1001/CVE-2023-36874

Wh04m1001

There are no reviews yet. Be the first to send feedback to the community and the maintainers!

CVE-2023-36874

For demonstration purposes only. Exploit works on vulnerable Windows clients/servers.

Compile code and create c:\test\system32 directories. Place your wermgr.exe in that directory and run compiled PoC.

wer_poc.mp4

Testing on windows 10 19045.2006

poc.mp4

Resources:

https://www.crowdstrike.com/blog/falcon-complete-zero-day-exploit-cve-2023-36874/

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36874

DFSCoerce

CVE-2023-21752

SysmonEoP

IDiagnosticProfileUAC

CVE-2023-29343

IFaultrepElevatedDataCollectionUAC

DiagTrackEoP

CVE-2023-20178

CVE-2023-36723

Random

ZoneAlarmLPE

Exploit for LPE in ZoneAlarm Antivirus/Firewall

CVE-2022-3368

MSIExecEoP

Arbitrary File Delete in Windows Installer before 10.0.19045.2193

PICDumper

RazerEoP

ZoneAlarmEoP

Exploit for Arbitrary File Move vulnerability in ZoneAlarm AV

SQLEnum

Small tool for basic SQL Server enumeration in Active Directory Environment

LpksetupUAC

VSSTrigger

NtCreateToken

VSSCopy

Small and dirty PoC for CVE-2021-36934

binary-explotation

Wh04m1001