Nytro

Windows Kernel - NtGdiBitBlt Buffer Overflow (MS15-097)

Source: https://code.google.com/p/google-security-research/issues/detail?id=474

---
The attached PoC triggers a buffer overflow in the NtGdiBitBlt system call. It reproduces reliably on Win 7 32-bit with Special Pool enabled on win32k.sys.
---

Proof of Concept:
https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/38307.zip

Source: https://www.exploit-db.com/exploits/38307/

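An added reproduction note, not part of the original post or of the Project Zero issue it quotes: "Special Pool enabled on win32k.sys" refers to the Special Pool option of Driver Verifier, which places each pool allocation of the verified driver next to a guard page so that an overrun faults immediately instead of silently corrupting adjacent pool memory; without it a PoC like this one may run without any visible effect. The commands below are Driver Verifier's own command-line interface, run from an elevated prompt on the test VM (the flag value 0x1 selects Special Pool; the driver name is the one the issue names). The choice to verify only win32k.sys rather than all drivers is my assumption, made to keep the system usable while testing.

```batch
:: Enable Special Pool (flag 0x1) for win32k.sys only.
:: Driver Verifier settings take effect at the next boot.
verifier /flags 0x1 /driver win32k.sys

:: Reboot so the setting is applied.
shutdown /r /t 0

:: After the reboot, confirm win32k.sys is under verification
:: and that Special Pool is among the active options.
verifier /querysettings

:: Attach a kernel debugger before running the PoC: with Special Pool
:: the overflow produces a bugcheck rather than silent corruption.

:: When finished, remove the verifier settings (also needs a reboot).
verifier /reset
```

Verifying a driver under Special Pool noticeably slows the system and can exhaust non-paged pool on small VMs, so it is worth limiting the verified driver list to the one under test, as above, rather than verifying every driver.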

I don't think Nils is the kind of person who would buy something like this. But I do think he's the kind of person who would find something like this.

https://www.exploit-db.com/author/?a=8268

I see he has a lot of them published, and 90% of them are from 22.09.2015 and the rest from 24.09.2015, all in the Windows kernel. I think he studies the kernel to see what he can find; maybe he's doing some kind of fuzzing, or how else does he find so many in such a short time?


He probably uses a fuzzer, but he didn't discover all of them in 2 days. They were discovered over a long period, for example a year.

On exploit-db they (he or someone else) were submitted in bulk during that period, which is why they show up then. The Project Zero issues probably show more concrete dates.
