Windows内核利用表
2020-07-29 00:00
1751 查看
马铃薯(高)
MS09-012(高)
MS10_015(高)
MS10-047(低)
MS10-059(高)
MS10-073(中)
MS10-092(高)
MS11-011(中)
MS11-046(高)
MS11-062(高)
MS11-080(高)
MS13-005(中)
MS13-053(中)
MS13-081(中)
MS14-002(高)
MS14-026(低)
MS14-040(高)
MS14_058(高)
MS14-068(中)
MS14_070(高)
MS15_004(中)
MS15-010(中)
MS15-051(中)
MS15-076(中)
MS15-078(中)
MS15-102(中)
MS16-014(高)
MS16-016(高)
MS16-032(高)
MS16-034(非常低)
MS16-075(中)
MS16-098(高)
MS16-135(高)
Potato (high)
受影响的版本
不依赖于操作系统版本利用数据库
未找到github
https://github.com/ohpe/juicy-potato/releases
https://github.com/foxglovesec/RottenPotatometasploit
无MS09-012 (high)
受影响的版本
Microsoft Windows 2000 Service Pack 4
Windows XP Service Pack 2 / Windows XP Service Pack 3
Windows XP Professional x64 Edition / Windows XP Professional x64 Edition Service Pack 2
Windows Server 2003 Service Pack 1 / Windows Server 2003 Service Pack 2
Windows Server 2003 x64 Edition / Windows Server 2003 x64 Edition Service Pack 2
Windows Server 2003 with SP1 for Itanium-based Systems / Windows Server 2003 with SP2 for Itanium-based Systems
Windows Vista / Windows Vista Service Pack 1
Windows Vista x64 Edition / Windows Vista x64 Edition Service Pack 1
Windows Server 2008 for 32-bit Systems
Windows Server 2008 for x64-based Systems
Windows Server 2008 for Itanium-based Systems利用数据库
https://www.exploit-db.com/exploits/6705 (Microsoft Windows Server 2003 - Token Kidnapping Local Privilege Escalation)github
https://github.com/SecWiki/windows-kernel-exploits/tree/master/MS09-012
https://github.com/Re4son/Chimichurrimetasploit
无MS09-015 (high)
受影响的版本
Windows Server 2003, Windows Server 2008, 7, XP
Microsoft Windows 2000 Service Pack 4
Windows XP Service Pack 2 \ Windows XP Service Pack 3
Windows XP Professional x64 Edition Service Pack 2
Windows Server 2003 Service Pack 2
Windows Server 2003 x64 Edition Service Pack 2
Windows Server 2003 with SP2 for Itanium-based Systems
Windows Vista、Windows Vista Service Pack 1 \ Windows Vista Service Pack 2
Windows Vista x64 Edition、Windows Vista x64 Edition Service Pack 1 \ Windows Vista x64 Edition Service Pack 2
Windows Server 2008 for 32-bit Systems \ Windows Server 2008 for 32-bit Systems Service Pack 2*
Windows Server 2008 for x64-based Systems \ Windows Server 2008 for x64-based Systems Service Pack 2*
Windows Server 2008 for Itanium-based Systems \ Windows Server 2008 for Itanium-based Systems Service Pack 2
Windows 7 for 32-bit Systems利用数据库
https://www.exploit-db.com/exploits/11199 Microsoft Windows NT/2000/2003/2008/XP/Vista/7 - 'KiTrap0D' User Mode to Ring Escalation (MS10-015)github
https://github.com/SecWiki/windows-kernel-exploits/tree/master/MS10-015
https://github.com/am0nsec/exploit/tree/master/windows/privs/MS10-015-KiTrap0Dmetasploit
exploit/windows/local/ms10_015_kitrap0dMS09-019 (high)
受影响的版本
Windows Vista Service Pack 1 \ Windows Vista Service Pack 2
Windows Vista x64 Edition Service Pack 1 \ Windows Vista x64 Edition Service Pack 2
Windows Server 2008 for 32-bit Systems \ Windows Server 2008 for 32-bit Systems Service Pack 2*
Windows Server 2008 for x64-based Systems \ Windows Server 2008 for x64-based Systems Service Pack 2*
Windows Server 2008 for Itanium-based Systems \ Windows Server 2008 for Itanium-based Systems Service Pack 2
Windows 7 for 32-bit Systems
Windows 7 for x64-based Systems
Windows Server 2008 R2 for x64-based Systems*
Windows Server 2008 R2 for Itanium-based Systems利用数据库
无github
https://github.com/SecWiki/windows-kernel-exploits/tree/master/MS10-059metasploit
无MS09-019 (中)
受影响的版本
Windows XP Service Pack 3
Windows XP Professional x64 Edition Service Pack 2
Windows Server 2003 Service Pack 2
Windows Server 2003 x64 Edition Service Pack 2
Windows Server 2003 SP2(用于基于Itanium的系统)
Windows Vista Service Pack 1和Windows Vista Service Pack 2
Windows Vista x64 Edition Service Pack 1和Windows Vista x64 Edition Service Pack 2
Windows Server 2008(用于32位系统)Windows Server 2008 Service Pack 2(用于32位系统)*
Windows Server 2008(用于基于x64的系统)和Windows Server 2008(用于基于x64的系统) Service Pack 2 *
Windows Server 2008(用于基于Itanium的系统)和Windows Server 2008(用于基于Itanium的系统)Service Pack 2
Windows 7(用于32位系统)
Windows 7(用于基于x64的系统)
Windows Server 2008 R2(用于基于x64的系统)*
Windows Server 2008 R2(用于基于Itanium的系统)利用数据库
https://www.exploit-db.com/exploits/15985github
无metasploit
post/windows/escalate/ms10_073_kbdlayoutMS09-092(高)
受影响的版本
Windows Vista Service Pack 1和Windows Vista Service Pack 2
Windows Vista x64 Edition Service Pack 1和Windows Vista x64 Edition Service Pack 2
Windows Server 2008(用于32位系统)和Windows Server 2008(用于32位系统)Service Pack 2 *
Windows Server 2008用于基于x64的系统和Windows Server 2008(用于基于x64的系统)Service Pack 2 *
Windows Server 2008(用于基于Itanium的系统)和Windows Server 2008(用于基于Itanium的系统)Service Pack 2
Windows 7(用于32位系统)
Windows 7(用于x64-基于
Windows Server 2008 R2(用于基于x64的系统)
Windows Server 2008 R2(用于基于Itanium的系统)利用数据库
https://www.exploit-db.com/exploits/19930github
https://git
7b4
hub.com/SecWiki/windows-kernel-exploits/tree/master/MS10-092metasploit
exploit/windows/local/ms10_092_schelevatorMS11-011(中)
受影响的版本
Windows XP Service Pack 3
Windows XP Professional x64 Edition Service Pack 2
Windows Server 2003 Service Pack 2
Windows Server 2003 x64 Edition Service Pack 2
Windows Server 2003 SP2(用于基于Itanium的系统)
Windows Vista Service Pack 1
Windows Vista Service Pack 2
Windows Vista x64 Edition Service Pack 1
Windows Vista x64 Edition Service Pack 2
Windows Server 2008(用于32位系统)
Windows Server 2008(用于32位系统)Service Pack 2 *
Windows Server 2008(用于基于x64的系统)
Windows Server 2008(用于基于x64的系统)系统Service Pack 2 *
Windows Server 2008(用于基于Itanium的系统)
Windows Server 2008 Service Pack 2(用于基于Itanium的系统)
Windows 7(用于32位系统)
Windows 7(用于基于x64的系统)
Windows Server 2008 R2(用于基于x64的系统)*
Windows Server 2008 R2(用于基于Itanium的系统)利用数据库
https://www.exploit-db.com/exploits/16262github
https://github.com/SecWiki/windows-kernel-exploits/tree/master/MS11-011metasploit
无MS11-046(高)
受影响的版本
#Windows XP SP3 x86
#Windows XP Pro SP2 x64
#Windows Server 2003 SP2 x86
#Windows Server 2003 SP2 x64
#Windows Server 2003 SP2基于Itanium的系统
#Windows Vista SP1 x86
#Windows Vista SP2 x86
#Windows Vista SP1 x64
#Windows Vista SP2 x64
#Windows Server 2008 x86
#Windows Server 2008 SP2 x86
#Windows Server 2008 x64
#Windows Server 2008 SP2 x64
#Windows Server 2008基于Itanium的系统
#Windows Server 2008 SP2基于Itanium的系统
#Windows 7 x86
# Windows 7 SP1 x86
#Windows 7 x64
#Windows 7 SP1 x64
#Windows Server 2008 R2 x64
#Windows Server 2008 R2 SP1 x64
#Windows Server 20
1ff9
08 R2基于Itanium的系统
#Windows Server 2008 R2 SP1基于Itanium的系统
#Windows XP SP3 x86
#Windows Server 2003 SP2 x86
#Windows Vista SP1 x86
#Windows Vista SP2 x86
#Windows Server 2008 x86
#Windows Server 2008 SP2 x86
#Windows 7 x86
#Windows 7 SP1 x86
XP Pro SP3 x86 ZH [5.1.2600]
#Windows Server 2003 Ent SP2 EN [5.2.3790]
#Windows Vista Ult SP1 x86 EN [6.0.6001]
#Windows Vista Ult SP2 x86 ZH [6.0.6002]#Windows
Server 2008 That SP1 x86 ZH [6.0.6001]
#Windows Server 2008 Ent SP2 x86 ZH [6.0.6002]#Windows
7 HB x86 EN [6.1.7600]
# Windows 7 Ent SP1 x86 ZH [6.1.7601]利用数据库
https://www.exploit-db.com/exploits/40564github
https://github.com/SecWiki/windows-kernel-exploits/tree/master/MS11-046
https://github.com/am0nsec/exploit/tree/master/windows/privs/MS11-046metasploit
无MS11-062(高)
受影响的版本
远程访问服务NDISTAPI驱动程序的NDISTAPI.sys组件中存在一个特权提升漏洞。
此漏洞是由NDISTAPI 驱动程序在将数据从用户模式传递到Windows内核时不正确地验证用户提供的输入而引起的。
攻击者必须具有有效的登录凭据,并且能够在本地登录以利用此漏洞。
成功利用此漏洞的攻击者可以在内核模式下运行任意代码(即,具有NT AUTHORITY \ SYSTEM特权)
Windows XP SP3 x86
Windows XP Pro SP2 x64
Windows Server 2003 SP2 x86
Windows Server 2003 SP2 x64
Windows Server 2003 SP2基于Itanium的系统
Windows XP SP3 x86
Windows Server 2003 SP2 x86
Windows Server 2003 Ent SP2 ZH [5.2.3790]
利用数据库
https://www.exploit-db.com/exploits/40627github
https://github.com/SecWiki/windows-kernel-exploits/tree/master/MS11-062metasploit
无MS11-080(高)
受影响的版本
Windows XP Service Pack 3
Windows XP Professional x64 Edition Service Pack 2
Windows Server 2003 Service Pack 2
Windows Server 2003 x64 Edition Service Pack 2
Windows Server 2003 SP2(用于基于Itanium的系统)利用数据库
https://www.exploit-db.com/exploits/18176
https://www.exploit-db.com/exploits/21844github
https://github.com/SecWiki/windows-kernel-exploits/tree/master/MS11-080
https://github.com/am0nsec/exploit/tree/master/windows/privs/MS11-080metas 2000 ploit
exploit/windows/local/ms11_080_afdjoinleafMS13-005(高)
受影响的版本
Windows Vista Service Pack 2
Windows Vista x64 Edition Service Pack 2
Windows Server 2008(用于32位系统)Service Pack 2
Windows Server 2008(用于基于x64的系统)Service Pack 2
Windows Server 2008(用于基于Itanium的系统)Service Pack 2
Windows 7(用于32-位系统
Windows 7(用于32位系统)Service Pack 1
Windows 7(用于基于x64的系统)
Windows 7(用于基于x64的系统)Service Pack 1
Windows Server 2008 R2(用于基于x64的系统)
Windows Server 2008 R2(用于基于x64的系统)Service Pack 1
Windows Server 2008 R2(用于基于Itanium的系统)
Windows Server 2008 R2(用于基于Itanium的系统)Service Pack 1
Windows 8(用于32位系统)
Windows 8(用于64位系统)
Windows Server 2012
Windows RT
Windows Server 2008(用于32位系统)Service Pack 2
Windows Server 2008(用于基于x64的系统)Service Pack 2
Windows Server 2008 R2(用于基于x64的系统)
Windows Server 2008 R2(用于x64-基于系统)Service Pack 1利用数据库
https://www.exploit-db.com/exploits/24485
github
https://github.com/SecWiki/windows-kernel-exploits/tree/master/MS13-005
metasploit
exploit/windows/local/ms13_005_hwnd_broadcastMS13-053(中)
受影响的版本
Windows XP Service Pack 3
Windows XP Professional x64 Edition Service Pack 2
Windows Server 2003 Service Pack 2
Windows Server 2003 x64 Edition Service Pack 2
Windows Server 2003 SP2(用于基于Itanium的系统)
Windows Vista Service Pack 2
Windows Vista x64 Edition Service Pack 2
Windows Server 2008(用于32位系统的Service Pack 2)
Windows Server 2008(用于基于x64的系统)Service Pack 2
Windows Server 2008(用于基于Itanium的系统)Service Pack 2
Windows 7(用于32位系统)Service Pack 1
Windows 7(用于基于x64的系统Service)包1
Windows Server 2008 R2(用于基于x64的系统)Service Pack 1
Windows Server 2008 R2(用于基于Itanium的系统)Service Pack 1
Windows 8(用于32位系统)
Windows 8(用于64位系统)
Windows Server 2012
Windows RT [1](2850851)利用数据库
https://www.exploit-db.com/exploits/33213github
https://github.com/SecWiki/windows-kernel-exploits/tree/master/MS13-053metasploit
exploit/windows/local/ms13_053_schlampereiMS13-081(中)
受影响的版本
Windows XP Service Pack 3
Windows XP Professional x64 Edition Service Pack 2
Windows Server 2003 Service Pack 2
Windows Server 2003 x64 Edition Service Pack 2
Windows Server 2003 SP2(用于基于Itanium的系统)
Windows Vista Service Pack 2
Windows Vista x64 Edition Service Pack 2
Windows Server 2008(用于32位系统的Service Pack 2)
Windows Server 2008(用于基于x64的系统)Service Pack 2
Windows Server 2008(用于基于Itanium的系统)Service Pack 2
Windows 7(用于32位系统)Service Pack 1
Windows 7(用于基于x64的系统Service)包1
Windows Server 2008 R2(用于基于x64的系统)Service Pack 1
Windows Server 2008 R2(用于基于Itanium的系统)Service Pack 1
Windows 8(用于32位系统)
Windows 8(用于64位系统)
Windows Server 2012
Win
2000
dows RT
Windows Server 2008(用于32位系统)Service Pack 2(服务器核心安装)
Windows Server 2008(用于基于x64的系统)Service Pack 2(服务器核心安装) )
Windows Server 2008 R2(用于基于x64的系统)Service Pack 1(服务器核心安装)
Windows Server 2012(服务器核心安装)利用数据库
https://www.exploit-db.com/exploits/31576github
无metasploit
exploit/windows/local/ms13_081_track_popup_menuMS14-002(中)
受影响的版本
Windows XP Service Pack 3
Windows XP Professional x64 Edition Service Pack 2
Windows Server 2003 Service Pack 2
Windows Server 2003 x64 Edition Service Pack 2
Windows Server 2003 SP2(用于基于Itanium的系统)利用数据库
https://www.exploit-db.com/exploits/30014
https://www.exploit-db.com/exploits/37732github
https://github.com/SecWiki/windows-kernel-exploits/tree/master/MS14-002
https://github.com/am0nsec/exploit/tree/master/windows/privs/MS14-002metasploit
exploit/windows/local/ms_ndproxyMS14-040(高)
受影响的版本
Windows Server 2003 Service Pack 2
Windows Server 2003 x64 Edition Service Pack 2
Windows Server 2003 SP2(用于基于Itanium的系统)
Windows Vista Service Pack 2
Windows Vista x64 Edition Service Pack 2
Windows Server 2008(用于32位系统)Service Pack 2
Windows Server 2008用于基于x64的系统Service Pack 2
Windows Server 2008(用于基于Itanium的系统)Service Pack 2
Windows 7(用于32位系统)Service Pack 1
用于Windows 7(用于基于x64的系统)Service Pack 1用于
Windows Server 2008 R2(用于基于x64的系统)Service Pack 1
Windows Server 2008 R2(用于基于Itanium的系统)Service Pack 1
Windows 8(用于32位系统)
Windows 8(用于基于x64的系统)
Windows 8.1(用于32位系统)
Windows 8.1(用于32位系统[2])(2973408)
Windows 8.1(用于基于x64的系统)
Windows Server 2012
[Windows Server 2012 R2
Windows RT [3](2961072)
Windows RT 8.1 [1] [ 3](2961072)利用数据库
https://www.exploit-db.com/exploits/39446github
https://github.com/SecWiki/windows-kernel-exploits/tree/master/MS14-040metasploit
MS14-058(高)
受影响的版本
Windows Server 2003,Windows Server 2008,Windows Server 2012、7、8
Windows Server 2003 Service Pack 2
Windows Server 2003 x64 Edition Service Pack 2
Windows Server 2003 SP2(用于基于Itanium的系统)
Windows Vista Service Pack 2
Windows Vista x64 Edition Service Pack 2
Windows Server 2008(用于32位系统)Service Pack 2
Windows Server 2008(用于基于x64系统的服务)2
Windows Server 2008(用于基于Itanium的系统)Service Pack 2
Windows 7(用于32位系统)Service Pack 1
Windows 7(用于基于x64的系统)系统Service Pack 1
Windows Server 2008 R2(用于基于x64的系统)Service Pack 1
Windows Server 2008 R2(用于基于Itanium的系统)Service Pack 1
Windows 8(用于32位系统)
Windows 8(用于基于x64的系统)
Windows 8.1(用于基于x64的系统)Windows 8.1(用于基于x64的系统)
Windows Server 2012
Windows Server 2012 R2
Windows RT [1](3000061)
Windows RT 8.1 [1]( 3000061)
Windows Server 2008(用于32位系统)Service Pack 2
Windows Server 2008(用于基于x64的系统)Service Pack 2
Windows Server 2008 R2(用于基于x64的系统)Service Pack 1)利用数据库
https://www.exploit-db.com/exploits/39666
https://www.exploit-db.com/exploits/35101github
https://github.com/SecWiki/windows-kernel-exploits/tree/master/MS14-058metasploit
exploit/windows/local/ms14_058_track_popup_menuMS14-070(高)
受影响的版本
Windows Server 2003 Service Pack 2
Windows Server 2003 x64 Edition Service Pack 2
Windows Server 2003 SP2(用于基于Itanium的系统)利用数据库
https://www.exploit-db.com/exploits/37755
https://www.exploit-db.com/exploits/35936github
https://github.com/SecWiki/windows-kernel-exploits/tree/master/MS14-070
metasploit
exploit/windows/local/ms14_070_tcpip_ioctlMS15-051(高)
受影响的版本
Windows Server 2003 Service Pack 2
Windows Server 2003 x64 Edition Service Pack 2
Windows Server 2003 SP2(用于基于Itanium的系统)
Windows Vista Service Pack 2
Windows Vista x64 Edition Service Pack 2
Windows Server 2008(用于32位系统)Service Pack 2
Windows Server 2008用于基于x64的系统Service Pack 2
Windows Server 2008(用于基于Itanium的系统)Service Pack 2
Windows 7(用于32位系统)Service Pack 1
Windows 7(用于基于x64的系统)Service Pack 1
Windows Server 2008 R2(用于基于x64的系统)Service Pack 1
Windows Server 2008 R2(用于基于Itanium的系统)Service Pack 1
Windows 8(用于32位系统)
Windows 8(用于基于x64的系统)
Windows 8.1(用于32位系统)
Windows 8.1(用于基于x64的系统)
Windows Server 2012
Windows Server 2012 R2
Windows RT [1](3045171)
Windows RT 8.1 [1](3045171)
Windows Server 2008(用于32位系统)Service Pack 2
Windows Server 2008 R2(用于基于x64的系统)Service Pack 2
Windows Server 2008 R2(用于基于x64的系统)Service Pack 1利用数据库
https://www.exploit-db.com/exploits/37367
https://www.exploi
1ff0
t-db.com/exploits/37049github
https://github.com/SecWiki/windows-kernel-exploits/tree/master/MS15-051
https://github.com/jivoi/pentest/blob/master/exploit_win/ms15-051metasploit
exploit/windows/local/ms15_051_client_copy_imageMS15-076(高)
受影响的版本
Windows Server 2003 Service Pack 2
Windows Server 2003 x64 Edition Service Pack 2
Windows Server 2003 SP2(用于基于Itanium的系统)
Windows Server 2003 R2 Service Pack 2
Windows Server 2003 R2 x64 Edition Service Pack 2
Windows Vista Service Pack 2
Windows Vista x64 Edition Service Pack 2
Windows Server 2008(用于32位系统)Service Pack 2
Windows Server 2008(用于基于x64的系统)Service Pack 2
Windows Server 2008(用于基于Itanium的系统)Service Pack 2
Windows 7(用于32位系统)Service Pack 1
Windows 7(用于x64-基于
Windows Server 2008 R2的基于x64的系统Service Pack 1
Windows Server 2008 R2(用于基于Itanium的系统)Service Pack 1
Windows 8(用于32位系统)
Windows 8(用于基于x64系统)
Windows 8.1(用于32位系统)
Windows 8.1(用于基于x64系统)
Windows Server 2012
Windows Server 2012 R2
Windows RT [ 1](3067505)
Windows RT 8.1 [1](3067505)利用数据库
https://www.exploit-db.com/exploits/37768github
https://github.com/SecWiki/windows-kernel-exploits/tree/master/MS15-076metasploit
无MS16-014(高)
受影响的版本
Windows Vista Service Pack 2
Windows Vista x64 Edition Service Pack 2
Windows Server 2008(用于32位系统)Service Pack 2
Windows Server 2008(用于基于x64的系统)Service Pack 2
Windows Server 2008(用于基于Itanium的系统)Service Pack 2
Windows 7(用于32-位系统Service Pack 1
Windows 7(用于基于x64的系统)Service Pack 1
Windows Server 2008 R2(用于基于x64的系统)Service Pack 1
Windows Server 2008 R2(用于基于Itanium的系统)Service Pack 1
Windows 8.1(用于32位系统)
Windows 8.1(用于x64)基于
Windows Server 2012
Windows Server 2012 R2
Windows RT 8.1 [1](3126587)
Windows RT 8.1 [1](3126593)
Windows 10(用于32位系统)
Windows 10(用于基于x64的系统)
Windows 10版本1511(用于32位系统)
Windows 10版本1511(用于基于x64系统)
Windows Server 2008(用于32位系统)Service Pack 2
Windows Server 2008(用于基于x64的系统)Service Pack 2
Windows Server 2008 R2(用于基于x64的系统)Service Pack 1利用数据库
https://www.exploit-db.com/exploits/40039
https://www.exploit-db.com/exploits/39442github
https://github.com/SecWiki/windows-kernel-exploits/tree/master/MS16-014metasploit
exploit/windows/local/ms16_014_wmi_recv_notifMS16-016(高)
受影响的版本
Windows Vista Service Pack 2
Windows Vista x64 Edition Service Pack 2
Windows Server 2008(用于32位系统)Service Pack 2
Windows Server 2008(用于基于x64的系统)Service Pack 2
Windows 7(用于32位系统)Service Pack 1
Windows 7(用于基于x64的系统)系统Service Pack 1
Windows Server 2008 R2(用于基于x64的系统)Service Pack 1利用数据库
https://github.com/SecWiki/windows-kernel-exploits/tree/master/MS16-014
https://www.exploit-db.com/exploits/39788
https://www.exploit-db.com/exploits/39432github
https://github.com/SecWiki/windows-kernel-exploits/tree/master/MS16-016metasploit
exploit/windows/local/ms16_016_webdavMS16-032(高)
受影响的版本
Windows Vista Service Pack 2
Windows Vista x64 Edition Service Pack 2
Windows Server 2008(用于32位系统)Service Pack 2
Windows Server 2008(用于基于x64的系统)Service Pack 2
Windows Server 2008(用于基于Itanium的系统)Service Pack 2
Windows 7(用于32-位系统Service Pack 1
Windows 7(用于基于x64的系统)Service Pack 1
Windows Server 2008 R2(用于基于x64的系统)Service Pack 1
Windows Server 2008 R2(用于基于Itanium的系统)Service Pack 1
Windows 8.1(用于32位系统)
Windows 8.1(用于x64)基于
Windows Server 2012
Windows Server 2012 R2
Windows RT 8.1 [1](3139914)
Windows 10(用于32位系统)
Windows 10(用于基于x64的系统)
Windows 10版本1511(用于32位系统)
Windows 10版本1511(用于基于x64的系统)利用数据库
https://www.exploit-db.com/exploits/39719
https://www.exploit-db.com/exploits/39574
https://www.exploit-db.com/exploits/39809
https://www.exploit-db.com/exploits/40107github
https://github.com/SecWiki/windows-kernel-exploits/tree/master/MS16-032metasploit
exploit/windows/local/ms16_032_secondary_logon_handle_privescMS16-098(高)
受影响的版本
Windows Vista Service Pack 2
Windows Vista x64 Edition Service Pack 2
Windows Server 2008(用于32位系统)Service Pack 2
Windows Server 2008(用于基于x64的系统)Service Pack 2
Windows Server 2008(用于基于Itanium的系统)Service Pack 2
Windows 7(用于32-位系统Service Pack 1
Windows 7(用于基于x64的系统)Service Pack 1
Windows Server 2008 R2(用于基于x64的系统)Service Pack 1
Windows Server 2008 R2(用于基于Itanium的系统)Service Pack 1
Windows 8.1(用于32位系统)
Windows 8.1(用于x64)基于
Windows Server 2012
Windows Server 2012 R2
Windows RT 8.1 [1](3177725)
Windows 10(用于32位系统)
Windows 10(用于基于x64的系统)
Windows 10版本1511(用于32位系统)
Windows 10版本1511(用于基于x64系统)
Windows 10版本1607(用于32位系统)
Windows 10版本1607(用于基于x64系统)利用数据库
https://www.exploit-db.com/exploits/41020
https://www.exploit-db.com/exploits/42435github
https://github.com/SecWiki/windows-kernel-exploits/tree/master/MS16-098
https://github.com/sensepost/ms16-0981ff8 metasploit
MS16-135(高)
受影响的版本
Windows Vista Service Pack 2
Windows Vista x64 Edition Service Pack 2
Windows Server 2008(用于32位系统)Service Pack 2
Windows Server 2008(用于基于x64的系统)Service Pack 2
Windows Server 2008(用于基于Itanium的系统)Service Pack 2
Windows 7(用于32-位系统Service Pack 1
Windows 7(用于基于x64的系统)Service Pack 1
Windows Server 2008 R2(用于基于x64的系统)Service Pack 1
Windows Server 2008 R2(用于基于Itanium的系统)Service Pack 1
Windows 8.1(用于32位系统)
Windows 8.1(用于x64)基于
Windows Server 2012
Windows Server 2012 R2
Windows 10(用于32位系统)
Windows 10(用于基于x64的系统)
适用于32位系统的
Windows 10版本1511适用于基于x64 系统的Windows 10版本1511适用于基于x64系统的
Windows Server 2016利用数据库
https://www.exploit-db.com/exploits/41015
https://www.exploit-db.com/exploits/40823github
https://github.com/SecWiki/windows-kernel-exploits/tree/master/MS16-135
https://github.com/FuzzySecurity/PSKernel-Primitives/blob/master/Sample-Exploits/MS16-135/MS16-135.ps1metasploit
无内容收集互联网,仅学习研究,请勿利用非法攻击
渗透测试 红队攻防 免杀 权限维持 等等技术 及时分享最新漏洞复现以及EXP 国内外最新技术分享!!!
进来一起学习吧
本文分享自微信公众号 - 黑白天(li0981jing)。
如有侵权,请联系 support@oschina.cn 删除。
本文参与“OSC源创计划”,欢迎正在阅读的你也加入,一起分享。
内容来自用户分享和网络整理,不保证内容的准确性,如有侵权内容,可联系管理员处理 
相关文章推荐
- C++并行编程(一): 利用C++标准库实现仿Windows内核事件对象
- Windows内核利用表
- 利用VMWare进行Windows双机内核调试(转)
- 利用Vmware的虚拟串口调试Windows内核
- 揭秘Windows内核——如何利用自定义驱动程序在Ring3做Ring0的勾当!
- 利用windows内核驱动创建虚拟磁盘设备
- Windows 8.1内核利用—CVE-2014-4113漏洞分析
- Windows核心编程学习九:利用内核对象进行线程同步
- Windows内核落后Linux
- 如何利用“命令提示符” 进入WINDOWS中的各个目录的实例演示。
- HUSTOJ的Windows版评判内核(限制内存使用)
- Windows 下利用cWrsync同步
- 利用RIS服务批量自动安装windows_XP_并自动加入域
- windows内核对象学习
- 利用mount在Linux中挂装文件系统访问Windows系统
- Windows内核对象(3) -- DuplicateHandle实现文件占用
- windows下利用文件映射实现共享内存
- python利用wmi模块统计windows下硬盘信息
- 虚拟机中ubuntu 12.10与windows利用samba互相共享文件
- Windows内存管理(1)--分配内核内存 和 使用链表