Entreprise d'experts en Sécurité Informatique : Audits et conseils en cybersécurité
Entreprise française de cybersécurité depuis 2004
☎ 03 60 47 09 81 - info@securiteinfo.com


CVE-2016-7255

Description

The kernel-mode drivers in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, and 1607, and Windows Server 2016 allow local users to gain privileges via a crafted application, aka "Win32k Elevation of Privilege Vulnerability."

POC

Reference

- http://blog.trendmicro.com/trendlabs-security-intelligence/one-bit-rule-system-analyzing-cve-2016-7255-exploit-wild/

- http://packetstormsecurity.com/files/140468/Microsoft-Windows-Kernel-win32k.sys-NtSetWindowLongPtr-Privilege-Escalation.html

- https://github.com/mwrlabs/CVE-2016-7255

- https://www.exploit-db.com/exploits/40745/

- https://www.exploit-db.com/exploits/40823/

- https://www.exploit-db.com/exploits/41015/

Github

- https://github.com/0xcyberpj/windows-exploitation

- https://github.com/0xpetros/windows-privilage-escalation

- https://github.com/1o24er/RedTeam

- https://github.com/ARPSyndicate/cvemon

- https://github.com/Al1ex/APT-GUID

- https://github.com/Al1ex/Red-Team

- https://github.com/Apri1y/Red-Team-links

- https://github.com/Ascotbe/Kernelhub

- https://github.com/CVEDB/PoC-List

- https://github.com/CVEDB/awesome-cve-repo

- https://github.com/CVEDB/top

- https://github.com/CrackerCat/Kernel-Security-Development

- https://github.com/Cruxer8Mech/Idk

- https://github.com/DivyTej/Windows-Exploit-Suggester-v2

- https://github.com/Echocipher/Resource-list

- https://github.com/ExpLife0011/CVE-2019-0803

- https://github.com/ExpLife0011/awesome-windows-kernel-security-development

- https://github.com/FSecureLABS/CVE-2016-7255

- https://github.com/FULLSHADE/WindowsExploitationResources

- https://github.com/Flerov/WindowsExploitDev

- https://github.com/GhostTroops/TOP

- https://github.com/Iamgublin/CVE-2019-0803

- https://github.com/Iamgublin/CVE-2020-1054

- https://github.com/JERRY123S/all-poc

- https://github.com/LegendSaber/exp

- https://github.com/MustafaNafizDurukan/WindowsKernelExploitationResources

- https://github.com/NitroA/windowsexpoitationresources

- https://github.com/NullArray/WinKernel-Resources

- https://github.com/Ondrik8/RED-Team

- https://github.com/Ondrik8/exploit

- https://github.com/Ostorlab/KEV

- https://github.com/Ostorlab/known_exploited_vulnerbilities_detectors

- https://github.com/TamilHackz/windows-exploitation

- https://github.com/ThunderJie/CVE

- https://github.com/ThunderJie/Study_pdf

- https://github.com/bbolmin/cve-2016-7255_x86_x64

- https://github.com/conceptofproof/Kernel_Exploitation_Resources

- https://github.com/cranelab/exploit-development

- https://github.com/cyberanand1337x/bug-bounty-2022

- https://github.com/dk47os3r/hongduiziliao

- https://github.com/hasee2018/Safety-net-information

- https://github.com/heh3/CVE-2016-7255

- https://github.com/hktalent/TOP

- https://github.com/homjxi0e/CVE-2016-7255

- https://github.com/howknows/awesome-windows-security-development

- https://github.com/hudunkey/Red-Team-links

- https://github.com/jbmihoub/all-poc

- https://github.com/john-80/-007

- https://github.com/landscape2024/RedTeam

- https://github.com/liuhe3647/Windows

- https://github.com/lnick2023/nicenice

- https://github.com/lp008/Hack-readme

- https://github.com/lsc1226844309/hanker1

- https://github.com/lyshark/Windows-exploits

- https://github.com/nobiusmallyu/kehai

- https://github.com/paulveillard/cybersecurity-exploit-development

- https://github.com/pr0code/https-github.com-ExpLife0011-awesome-windows-kernel-security-development

- https://github.com/pravinsrc/NOTES-windows-kernel-links

- https://github.com/qazbnm456/awesome-cve-poc

- https://github.com/slimdaddy/RedTeam

- https://github.com/svbjdbk123/-

- https://github.com/tinysec/vulnerability

- https://github.com/twensoo/PersistentThreat

- https://github.com/weeka10/-hktalent-TOP

- https://github.com/xbl3/awesome-cve-poc_qazbnm456

- https://github.com/xiaoZ-hc/redtool

- https://github.com/ycdxsb/WindowsPrivilegeEscalation

- https://github.com/yut0u/RedTeam-BlackBox

- https://github.com/yuvatia/page-table-exploitation