win_local_exploits.md

https://github.com/aemaeth2501/pentest-wiki/blob/gh-pages/post_exploit/winlocal.md

| Exploit-DB | Vuln Name | MS# | 2K | XP | 2003 | 2008 | Vista | 7 | 8 |
|---|---|---|---|---|---|---|---|---|---|
| 37049 | Taihou64.exe | CVE-2015-1701 | - | - | SP2 | All | SP2 | All?\*\* | - |
| 25912 | EPATHOBJ local ring0 exploit\* | | All | All | All | All | All | All | - |
| 21923 | Winlogon NetDDE | - | All | All | - | - | - | - | - |
| 18176 | AFD.Sys | MS11-080 | - | SP3 | SP3 | - | - | - | - |
| 15589 | Task Scheduler | MS10-092 | - | - | - | SP0/SP1/SP2 | SP1/SP2 | SP0 | - |
| 14674 | SRV2.SYS SMB | MS09-050 | - | - | - | - | SP1/2 | - | - |
| 14610 | Chimichurri | MS10-059 | - | - | - | All | All | SP0 | - |
| 14607 | Trans2Zero | MS10-054 | - | - | - | - | - | - | - |
| 11199 | KiTrap0D/vdmallowed | MS10-015 | All | All | All | All | All | All | - |
| 7132 | Service Code Exec | MS08-067 | SP4 | - | SP2 | - | - | - | - |
| 7104 | Service Code Exec | MS08-067 | SP4 | SP2/3 | SP1/2 | SP0 | SP0/1 | - | - |
| 6705 | Churrasco | MS09-012 | - | - | All | - | - | - | - |
| 6705 | Churraskito | - | - | All | All | - | - | - | - |
| 5518 | win32k.sys | MS08-025 | SP4 | SP2 | SP1/SP2 | SP0 | SP0/SP1 | - | - |
| 3220 | Print spool service | - | - | All | - | - | - | - | - |
| 3022 | ASN.1 | MS04-007 | SP2/3/4 | SP0/1 | - | - | - | - | - |
| 2789 | NetPManageIPCConn | MS06-070 | SP4 | - | - | - | - | - | - |
| 2412 | Windows Kernel | MS06-049 | SP4 | - | - | - | - | - | - |
| 2265 | NetIPSRemote | MS06-040 | SP0-4 | SP0/1 | - | - | - | - | - |
| 2223 | Canonicalize Pathname | MS06-040 | - | SP1 | - | - | - | - | - |
| 1911 | Mrxsmb.sys | MS06-030 | all | SP2 | - | - | - | - | - |
| 1407 | Kernel APC | MS05-055 | SP4 | - | - | - | - | - | - |
| 1198 | CSRSS | MS05-018 | SP3/4 | SP1/2 | - | - | - | - | - |
| 1197 | keybd_event | - | all | all | all | - | - | - | - |
| 1149 | PnP Service | MS05-039 | SP4 | SP2 | SP1 | - | - | - | - |
| 1149 | PnP Service | MS05-039 | SP4 | - | - | - | - | - | - |
| 1075 | Messaging Queue | MS05-017 | SP3/4 | SP0/1 | - | - | - | - | - |
| 734 | NetDDE BOF | MS04-031 | SP2/3/4 | SP0/1 | - | - | - | - | - |
| 355 | Univ lang. Util Mgr | MS04-019 | SP2/3/4 | - | - | - | - | - | - |
| 352 | Univ lang. Util Mgr | MS04-019 | SP2/3/4 | - | - | - | - | - | - |
| 351 | POSIX | MS04-020 | SP4 | - | - | - | - | - | - |
| 350 | Util Manager | MS04-019 | SP2/3/4 | - | - | - | - | - | - |
| 295 | Lsasrv.dll | MS04-011 | SP2/3/4 | SP0/1 | - | - | - | - | - |
| 275 | SSL BOF | MS04-011 | SP4 | ? | - | - | - | - | - |
| 271 | Lsasrv.dll | MS04-011 | SP2/3/4 | SP0/1 | - | - | - | - | - |
| 119 | Netapi | MS03-049 | SP4 | - | - | - | - | - | - |
| 109 | RPC2 | MS03-039 | all | - | - | - | - | - | - |
| 103 | RPC2 | MS03-039 | all (CN) | - | - | - | - | - | - |
| 100 | RPC DCOM Long File | MS03-026 | SP3/4 | - | - | - | - | - | - |

\* To compile with Visual Studio: run `vcvars32.bat`, then `cl CVE-2013-3660.c`.

\*\* Tested on Win7 SP1: https://github.com/hfiref0x/CVE-2015-1701