Skip to content

OlivierLaflamme/CVE-2021-36934-export-shadow-volume-POC

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

3 Commits

README.md

README.md

 
 

script.cs

script.cs

 
 

Repository files navigation

CVE-2021–36934

The derived hash is used for forgery such as PTH and bills. There is no detailed analysis here.

In addition, given that access rights to most system files can be obtained, there should be more than this one method of exploitation, including Microsoft officials, which have also characterized it as a privilege escalation vulnerability.

A simple script is used to export files from volume shadows, and only provides ideas. In view of the fact that there is no administrator authority, it is easier to write by yourself, and it is easier to avoid killing than mimikatz, and the effect should be better. Everyone has different opinions.

All versions after Windows 10 version 1809

About

No description, website, or topics provided.

Resources

Readme
Activity

Stars

1 star

Watchers

2 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages