How to reproduce the windows local rights raising vulnerability CVE-2018-8120 01/22 Update SLTechnology News&Howtos

How to reproduce the windows local rights raising vulnerability CVE-2018-8120

2025-01-22 Update From: SLTechnology News&Howtos shulou NAV: SLTechnology News&Howtos > Network Security >

Shulou(Shulou.com)05/31 Report--

What this article shares with you is about how to reproduce the windows local rights raising loophole CVE-2018-8120. The editor thinks it is very practical, so I share it with you. I hope you can get something after reading this article. Without saying much, let's take a look at it.

Foreword:

In mid-May 2018, ESET disclosed two 0-day vulnerabilities in samples of PDF documents it captured, including kernel privilege vulnerabilities for Windows systems. The vulnerability number of this vulnerability is CVE-2018-8120J. Windows has provided security updates to fix this vulnerability.

Overview of vulnerabilities:

The null pointer object in the kernel object is not validated inside the NtUserSetImeInfoEx () system service function of the win32k.sys component of some versions of the Windows system, which can be exploited by ordinary applications to execute arbitrary code with kernel privileges.

Affected version:

Win7x32, Win7 x64, Win2008 x32, Win2008 R2 x32, Win2008 R2 Datacenter x64, Win2008Enterprise x64 WinXP x32,Win2003 x32,Win2003 x64

Download link to the right-raising tool:

Https://github.com/alpha1ab/CVE-2018-8120

Recurrence of vulnerabilities:

Environment: Windows 7 Enterprise Edition

First, create a normal user group user test:

Query the current user permissions:

You can see that it is just an ordinary user.

Use the lifting tool to lift the rights and execute the CVE-2018-8120.exe "whoami"

Shows that nt authority\ system has been granted rights successfully.

Repair recommendations:

Microsoft has included a patch for this vulnerability in its May 2018 security update, which can be installed and used to avoid being affected by this vulnerability.

Download address of vulnerability hotfix:

Https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8120

The above is how to reproduce the windows local rights loophole CVE-2018-8120. The editor believes that there are some knowledge points that we may see or use in our daily work. I hope you can learn more from this article. For more details, please follow the industry information channel.

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.

*The comments in the above article only represent the author's personal views and do not represent the views and positions of this website. If you have more insights, please feel free to contribute and share.