设为首页收藏本站
开启辅助访问
CVE 您所在的位置:网站首页 win10 提权 wiz CVE

CVE

2023-09-02 01:04| 来源: 网络整理| 查看: 265

banner一、漏洞概述:

2020年3月10日,微软官方公布了一个本地提权漏洞CVE-2020-0787,根据微软的漏洞描述声称,攻击者在使用低权限用户登录系统后,可以利用该漏洞构造恶意程序直接提权到administrator或者system权限。system是windows所有操作系统中权限最大的账户。

微软官方声明二、影响范围

基本上Windows全版本了

Windows 10 for 32-bit Systems

Windows 10 for x64-based Systems

Windows 10 Version 1607 for 32-bit Systems

Windows 10 Version 1607 for x64-based Systems

Windows 10 Version 1709 for 32-bit Systems

Windows 10 Version 1709 for ARM64-based Systems

Windows 10 Version 1709 for x64-based Systems

Windows 10 Version 1803 for 32-bit Systems

Windows 10 Version 1803 for ARM64-based Systems

Windows 10 Version 1803 for x64-based Systems

Windows 10 Version 1809 for 32-bit Systems

Windows 10 Version 1809 for ARM64-based Systems

Windows 10 Version 1809 for x64-based Systems

Windows 10 Version 1903 for 32-bit Systems

Windows 10 Version 1903 for ARM64-based Systems

Windows 10 Version 1903 for x64-based Systems

Windows 10 Version 1909 for 32-bit Systems

Windows 10 Version 1909 for ARM64-based Systems

Windows 10 Version 1909 for x64-based Systems

Windows 7 for 32-bit Systems Service Pack 1

Windows 7 for x64-based Systems Service Pack 1

Windows 8.1 for 32-bit systems

Windows 8.1 for x64-based systems

Windows RT 8.1

Windows Server 2008 for 32-bit Systems Service Pack 2

Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation)

Windows Server 2008 for Itanium-Based Systems Service Pack 2

Windows Server 2008 for x64-based Systems Service Pack 2

Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation)

Windows Server 2008 R2 for Itanium-Based Systems Service Pack 1

Windows Server 2008 R2 for x64-based Systems Service Pack 1

Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)

Windows Server 2012

Windows Server 2012 (Server Core installation)

Windows Server 2012 R2

Windows Server 2012 R2 (Server Core installation)

Windows Server 2016

Windows Server 2016 (Server Core installation)

Windows Server 2019

Windows Server 2019 (Server Core installation)

Windows Server, version 1803 (Server Core Installation)

Windows Server, version 1903 (Server Core installation)

Windows Server, version 1909 (Server Core installation)

三、漏洞利用

全世界最猛的同性社交网站 Github 中已经有dalao做出了漏洞利用的 Exp连接如下:

https://github.com/cbwang505/CVE-2020-0787-EXP-ALL-WINDOWS-VERSION

下载如下exe文件:

跟着箭头点

我的Windows测试机:

Windows 7 sp1

左侧cmd为普通用的whoami执行结果,右测cmd为执行exe后的自动弹框

最终提权成功,输入whoami看到已经成功获取system权限。

正在运行whoami结果为system四、修复建议:

跟着微软升级好了~

License:

本文仅供相关知识学习研究,任何使用本文内容进行涉及违法犯罪的行为及后果与该文及作者无关。

 署名:CC BY-NC-SA 3.0 CN



【本文地址】

公司简介

联系我们

今日新闻

    推荐新闻

      专题文章
        CopyRight 2018-2019 实验室设备网 版权所有