Skip to content

siberas/CVE-2016-3309_Reloaded

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

4 Commits

CVE-2016-3309_Reloaded_Bitmaps

CVE-2016-3309_Reloaded_Bitmaps

 
 

CVE-2016-3309_Reloaded_Deadlock

CVE-2016-3309_Reloaded_Deadlock

 
 

CVE-2016-3309_Reloaded_Palettes

CVE-2016-3309_Reloaded_Palettes

 
 

CVE-2016-3309_Reloaded.sln

CVE-2016-3309_Reloaded.sln

 
 

CVE-2016-3309_Reloaded.suo

CVE-2016-3309_Reloaded.suo

 
 

README.md

README.md

 
 

Repository files navigation

Kernel Exploitation Case Study - "Wild" Pool Overflow on Win10 x64 RS2 (CVE-2016-3309 Reloaded)

This Github repo contains exploits for the recently-patched win32kfull!bFill vulnerability. Executing the Palette or Bitmap exploit will give you SYSTEM privileges on the affected system. The exploits should work fine on Windows 10 x64 with Creators Update, build 15063.540 (latest version of Win10 before the release of Microsoft's September Updates).

The Visual Studio solution contains three exploits:

  • CVE-2016-3309_Reloaded_Bitmaps: Exploit using the Bitmaps technique
  • CVE-2016-3309_Reloaded_Palettes: Exploit using the Palettes technique
  • CVE-2016-3309_Reloaded_Deadlock: POC exploit showcasing the system deadlock which happens due to improved Handle validation

We also published a blog post which goes into detail about the exploitation of this "wild" Pool-based overflow.

About

Exploits for the win32kfull!bFill vulnerability on Win10 x64 RS2 using Bitmap or Palette techniques

Resources

Readme
Activity

Stars

54 stars

Watchers

5 watching

Forks

23 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages