DB: 2017-08-10

1 new exploits

Microsoft Windows 8.1 (x64) - RGNOBJ Integer Overflow (MS16-098) (2)

files.csv

@@ -9176,6 +9176,7 @@ id,file,description,date,author,platform,type,port
 42426,platforms/windows/local/42426.txt,"VirtualBox 5.1.22 - Windows Process DLL UNC Path Signature Bypass Privilege Escalation",2017-08-03,"Google Security Research",windows,local,0
 42429,platforms/windows/local/42429.py,"Microsoft Windows - '.LNK' Shortcut File Code Execution",2017-08-06,nixawk,windows,local,0
 42432,platforms/windows/local/42432.cpp,"Microsoft Windows 7 SP1 x86 -  GDI Palette Objects Local Privilege Escalation (MS17-017)",2017-07-19,Saif,windows,local,0
+42435,platforms/win_x86-64/local/42435.txt,"Microsoft Windows 8.1 (x64) - RGNOBJ Integer Overflow (MS16-098) (2)",2017-08-08,SensePost,win_x86-64,local,0
 1,platforms/windows/remote/1.c,"Microsoft IIS - WebDAV 'ntdll.dll' Remote Exploit",2003-03-23,kralor,windows,remote,80
 2,platforms/windows/remote/2.c,"Microsoft IIS 5.0 - WebDAV Remote Exploit (PoC)",2003-03-24,RoMaNSoFt,windows,remote,80
 5,platforms/windows/remote/5.c,"Microsoft Windows - RPC Locator Service Remote Exploit",2003-04-03,"Marcin Wolak",windows,remote,139

platforms/win_x86-64/local/42435.txt

@@ -0,0 +1,14 @@
+Sources:
+- https://github.com/sensepost/gdi-palettes-exp
+- https://sensepost.com/blog/2017/abusing-gdi-objects-for-ring0-primitives-revolution/
+
+Windows 7 SP1 x86 exploit presented at DEF CON 25 involving the abuse of a newly discovered GDI object abuse technique. 
+
+DC25 5A1F - Demystifying Windows Kernel Exploitation by Abusing GDI Objects 
+
+- https://www.defcon.org/html/defcon-25/dc-25-speakers.html#El-Sherei 
+- https://media.defcon.org/DEF%20CON%2025/DEF%20CON%2025%20presentations/5A1F/
+
+
+Proof of Concept:
+https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/42435.zip