PoC for the SWAPGS attack (CVE-2019-1125)

This holds the sources for the SWAPGS attack PoC publicly shown at Black Hat USA, 2019.

Contents

  • leakgsbkva - variant 1 (look for random values in kernel memory; limited to PE kernel image header)
  • leakgsbkvat - variant 2 (extract random values from kernel memory; limited to PE kernel image header)
  • whitepaper
  • Black Hat USA 2019 presentation

Prerequisites

  1. Visual Studio 2015
  2. Unpatched Windows x64 (7 or newer)

Authors

  • Andrei Vlad LUȚAȘ
  • Dan Horea LUȚAȘ

Additional resources

Video Recording of presentation at Black Hat USA, 2019

Download ~ https://github.com/offensive-security/exploitdb-bin-sploits/raw/master/bin-sploits/48071.zip