Skip to content
/ alpc-diaghub Public
forked from ExpLife0011/alpc-diaghub

Utilizing the ALPC Flaw in combiniation with Diagnostics Hub as found in Server 2016 and Windows 10.

0 stars 23 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

FOGSEC/alpc-diaghub

BranchesTags
 
 

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

5 Commits

ALPC-TaskSched-LPE

ALPC-TaskSched-LPE

 
 

ALPC-TaskSched-LPE.sln

ALPC-TaskSched-LPE.sln

 
 

ALPC_DiagHub.x64.exe

ALPC_DiagHub.x64.exe

 
 

ALPC_DiagHub.x86.exe

ALPC_DiagHub.x86.exe

 
 

Image Pasted at 2018-11-2 20-06.png.jpg

Image Pasted at 2018-11-2 20-06.png.jpg

 
 

Image Pasted at 2018-11-2 20-09.png

Image Pasted at 2018-11-2 20-09.png

 
 

README.md

README.md

 
 

Repository files navigation

About

Project seeks to have a stable / reliable method for ALPC exploit originally disclosed by Sandbox Escaper.

Attempts to clean up itself after loading the DLL.

Screenshots :

Example Payload :

#include <windows.h>

BOOL WINAPI DllMain(HINSTANCE hinstDll, DWORD dwReason, LPVOID lpReserved)
{
        switch(dwReason)
        {
                case DLL_PROCESS_ATTACH:
                        WinExec("C:\\Windows\\System32\\notepad.exe", 0);
                        break;
                case DLL_PROCESS_DETACH:
                        break;
                case DLL_THREAD_ATTACH:
                        break;
                case DLL_THREAD_DETACH:
                        break;
        }

        return 0;
}

About

Utilizing the ALPC Flaw in combiniation with Diagnostics Hub as found in Server 2016 and Windows 10.

Resources

Readme
Activity
Custom properties

Stars

0 stars

Watchers

3 watching

Forks

1 fork
Report repository

Releases

No releases published

Packages

No packages published

Languages

  • C 95.0%
  • C++ 5.0%