# windows-kernel-exploits
**Repository Path**: aaaddc/windows-kernel-exploits
## Basic Information
- **Project Name**: windows-kernel-exploits
- **Description**: windows-kernel-exploits Windows平台提权漏洞集合
- **Primary Language**: Unknown
- **License**: MIT
- **Default Branch**: master
- **Homepage**: None
- **GVP Project**: No
## Statistics
- **Stars**: 0
- **Forks**: 3
- **Created**: 2020-01-19
- **Last Updated**: 2023-08-28
## Categories & Tags
**Categories**: Uncategorized
**Tags**: None
## README
# windows-kernel-exploits
### 简介
windows-kernel-exploits
***
#### 漏洞列表
##### #Security Bulletin #KB #Description #Operating System
- [CVE-2019-0803](https://github.com/ExpLife0011/CVE-2019-0803) [An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory] (Windows 7/8/10/2008/2012/2016/2019)
- [CVE-2018-8639](https://github.com/ze0r/CVE-2018-8639-exp) [An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory] (Windows 7/8/10/2008/2012/2016)
- [CVE-2018-1038](https://gist.github.com/xpn/3792ec34d712425a5c47caf5677de5fe) [Windows Kernel Elevation of Privilege Vulnerability] (Windows 7 SP1/Windows Server 2008 R2 SP1)
- [CVE-2018-0743](https://github.com/saaramar/execve_exploit) [Windows Subsystem for Linux Elevation of Privilege Vulnerability] (Windows 10 version 1703/Windows 10 version 1709/Windows Server version 1709)
- [CVE-2018-8453](https://github.com/ze0r/cve-2018-8453-exp) [An elevation of privilege vulnerability in Windows Win32k component] (>= windows 8.1)
- [CVE-2018-8440](https://github.com/sourceincite/CVE-2018-8440) [Windows ALPC Elevation of Privilege Vulnerability] (windows 7/8.1/10/2008/2012/2016)
- [MS17-017](./MS17-017) [KB4013081] [GDI Palette Objects Local Privilege Escalation] (windows 7/8)
- [CVE-2017-8464](./CVE-2017-8464) [LNK Remote Code Execution Vulnerability] (windows 10/8.1/7/2016/2010/2008)
- [CVE-2017-0213](./CVE-2017-0213) [Windows COM Elevation of Privilege Vulnerability] (windows 10/8.1/7/2016/2010/2008)
- [CVE-2018-0833](./CVE-2018-0833) [SMBv3 Null Pointer Dereference Denial of Service] (Windows 8.1/Server 2012 R2)
- [CVE-2018-8120](./CVE-2018-8120) [Win32k Elevation of Privilege Vulnerability] (Windows 7 SP1/2008 SP2,2008 R2 SP1)
- [MS17-010](./MS17-010) [KB4013389] [Windows Kernel Mode Drivers] (windows 7/2008/2003/XP)
- [MS16-135](./MS16-135) [KB3199135] [Windows Kernel Mode Drivers] (2016)
- [MS16-111](./MS16-111) [KB3186973] [kernel api] (Windows 10 10586 (32/64)/8.1)
- [MS16-098](./MS16-098) [KB3178466] [Kernel Driver] (Win 8.1)
- [MS16-075](./MS16-075) [KB3164038] [Hot Potato] (2003/2008/7/8/2012)
- [MS16-034](./MS16-034) [KB3143145] [Kernel Driver] (2008/7/8/10/2012)
- [MS16-032](./MS16-032) [KB3143141] [Secondary Logon Handle] (2008/7/8/10/2012)
- [MS16-016](./MS16-016) [KB3136041] [WebDAV] (2008/Vista/7)
- [MS16-014](./MS16-014) [K3134228] [remote code execution] (2008/Vista/7)
- [MS15-097](./MS15-097) [KB3089656] [remote code execution] (win8.1/2012)
- [MS15-076](./MS15-076) [KB3067505] [RPC] (2003/2008/7/8/2012)
- [MS15-077](./MS15-077) [KB3077657] [ATM] (XP/Vista/Win7/Win8/2000/2003/2008/2012)
- [MS15-061](./MS15-061) [KB3057839] [Kernel Driver] (2003/2008/7/8/2012)
- [MS15-051](./MS15-051) [KB3057191] [Windows Kernel Mode Drivers] (2003/2008/7/8/2012)
- [MS15-015](./MS15-015) [KB3031432] [Kernel Driver] (Win7/8/8.1/2012/RT/2012 R2/2008 R2)
- [MS15-010](./MS15-010) [KB3036220] [Kernel Driver] (2003/2008/7/8)
- [MS15-001](./MS15-001) [KB3023266] [Kernel Driver] (2008/2012/7/8)
- [MS14-070](./MS14-070) [KB2989935] [Kernel Driver] (2003)
- [MS14-068](./MS14-068) [KB3011780] [Domain Privilege Escalation] (2003/2008/2012/7/8)
- [MS14-058](./MS14-058) [KB3000061] [Win32k.sys] (2003/2008/2012/7/8)
- [MS14-066](./MS14-066) [KB2992611] [Windows Schannel Allowing remote code execution] (VistaSP2/7 SP1/8/Windows 8.1/2003 SP2/2008 SP2/2008 R2 SP1/2012/2012 R2/Windows RT/Windows RT 8.1)
- [MS14-040](./MS14-040) [KB2975684] [AFD Driver] (2003/2008/2012/7/8)
- [MS14-002](./MS14-002) [KB2914368] [NDProxy] (2003/XP)
- [MS13-053](./MS13-053) [KB2850851] [win32k.sys] (XP/Vista/2003/2008/win 7)
- [MS13-046](./MS13-046) [KB2840221] [dxgkrnl.sys] (Vista/2003/2008/2012/7)
- [MS13-005](./MS13-005) [KB2778930] [Kernel Mode Driver] (2003/2008/2012/win7/8)
- [MS12-042](./MS12-042) [KB2972621] [Service Bus] (2008/2012/win7)
- [MS12-020](./MS12-020) [KB2671387] [RDP] (2003/2008/7/XP)
- [MS11-080](./MS11-080) [KB2592799] [AFD.sys] (2003/XP)
- [MS11-062](./MS11-062) [KB2566454] [NDISTAPI] (2003/XP)
- [MS11-046](./MS11-046) [KB2503665] [AFD.sys] (2003/2008/7/XP)
- [MS11-011](./MS11-011) [KB2393802] [kernel Driver] (2003/2008/7/XP/Vista)
- [MS10-092](./MS10-092) [KB2305420] [Task Scheduler] (2008/7)
- [MS10-065](./MS10-065) [KB2267960] [FastCGI] (IIS 5.1, 6.0, 7.0, and 7.5)
- [MS10-059](./MS10-059) [KB982799] [ACL-Churraskito] (2008/7/Vista)
- [MS10-048](./MS10-048) [KB2160329] [win32k.sys] (XP SP2 & SP3/2003 SP2/Vista SP1 & SP2/2008 Gold & SP2 & R2/Win7)
- [MS10-015](./MS10-015) [KB977165] [KiTrap0D] (2003/2008/7/XP)
- [MS10-012](./MS10-012) [KB971468] [SMB Client Trans2 stack overflow] (Windows 7/2008R2)
- [MS09-050](./MS09-050) [KB975517] [Remote Code Execution] (2008/Vista)
- [MS09-020](./MS09-020) [KB970483] [IIS 6.0] (IIS 5.1 and 6.0)
- [MS09-012](./MS09-012) [KB959454] [Chimichurri] (Vista/win7/2008/Vista)
- [MS08-068](./MS08-068) [KB957097] [Remote Code Execution] (2000/XP)
- [MS08-067](./MS08-067) [KB958644] [Remote Code Execution] (Windows 2000/XP/Server 2003/Vista/Server 2008)
- [MS08-066](./MS08-066) [KB956803] [AFD.sys] (Windows 2000/XP/Server 2003)
- [MS08-025](./MS08-025) [KB941693] [Win32.sys] (XP/2003/2008/Vista)
- [MS06-040](./MS06-040) [KB921883] [Remote Code Execution] (2003/xp/2000)
- [MS05-039](./MS05-039) [KB899588] [PnP Service] (Win 9X/ME/NT/2000/XP/2003)
- [MS03-026](./MS03-026) [KB823980] [Buffer Overrun In RPC Interface] (/NT/2000/XP/2003)
### 工具
- [缺失补丁检测](./win-exp-suggester) [@GDSSecurity](https://github.com/GDSSecurity/Windows-Exploit-Suggester)
### 项目维护
+ **ourren**(sina weibo @ourren)
+ **hx**(sina weibo @hx)
+ **Bearcat**(github @Bearcat)
### 免责说明
请勿用于非法的用途,否则造成的严重后果与本项目无关。
### 参考链接
- [Windows Kernel Exploits](https://pentestlab.blog/2017/04/24/windows-kernel-exploits/)
- [Windows-Exploit-Suggester](https://github.com/GDSSecurity/Windows-Exploit-Suggester)
- [WindowsExploits](https://github.com/abatchy17/WindowsExploits)
- [Privilege-Escalation](https://github.com/AusJock/Privilege-Escalation)
- [Windows Privilege Escalation Fundamentals](http://fuzzysecurity.com/tutorials/16.html)
- [brianwrf/WinSystemHelper](https://github.com/brianwrf/WinSystemHelper)
- [Vulners](https://vulners.com/landing)
- [Windows Exploits](https://github.com/WindowsExploits/Exploits)
### 转载
转载请注明来自https://github.com/SecWiki/windows-kernel-exploits
### 补充完善
欢迎大家补充完善 [git_man@outlook.com](git_man@outlook.com)
©SecWiki 2017