Microsoft Windows 8.1 (x64) - RGNOBJ Integer Overflow (MS16-098) (2)

EDB-ID: 42435
Author: SensePost
Published: 2017-08-08
CVE: N/A
Type: Local
Platform: Win_x86-64
Aliases: N/A
Advisory/Source: Link
Tags: Local
Vulnerable App: N/A

 - https://github.com/sensepost/gdi-palettes-exp 
- https://sensepost.com/blog/2017/abusing-gdi-objects-for-ring0-primitives-revolution/

Windows 7 SP1 x86 exploit presented at DEF CON 25 involving the abuse of a newly discovered GDI object abuse technique.

DC25 5A1F - Demystifying Windows Kernel Exploitation by Abusing GDI Objects

- https://www.defcon.org/html/defcon-25/dc-25-speakers.html#El-Sherei
- https://media.defcon.org/DEF%20CON%2025/DEF%20CON%2025%20presentations/5A1F/


Proof of Concept:
https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/42435.zip

Related Posts

Comments