bpmcdevitt/exploit-db-mirror
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
exploit-db-mirror/exploits/windows/local/48071.md
Offensive Security d63de06c7a DB: 2022-11-10 
2776 changes to exploits/shellcodes/ghdb
2022-11-10 16:39:50 +00:00

815 B
Raw Blame History

PoC for the SWAPGS attack (CVE-2019-1125)

This holds the sources for the SWAPGS attack PoC publicly shown at Black Hat USA, 2019.

Contents

  • leakgsbkva - variant 1 (look for random values in kernel memory; limited to PE kernel image header)
  • leakgsbkvat - variant 2 (extract random values from kernel memory; limited to PE kernel image header)
  • whitepaper
  • Black Hat USA 2019 presentation

Prerequisites

  1. Visual Studio 2015
  2. Unpatched Windows x64 (7 or newer)

Authors

  • Andrei Vlad LUȚAȘ
  • Dan Horea LUȚAȘ

Additional resources

Video Recording of presentation at Black Hat USA, 2019

Download ~ https://gitlab.com/exploit-database/exploitdb-bin-sploits/-/raw/main/bin-sploits/48071.zip