This Metasploit module exploits the lack of sanitization of standard handles in Windows' Secondary Logon Service. The vulnerability is known to affect versions of Windows 7-10 and 2k8-2k12, both 32-bit and 64-bit. The module only works against those versions of Windows with PowerShell 2.0 or later, and only on systems with two or more CPU cores.
26f03a91eb8c8dde8874f73e8d5a247d4da47b1e8ea13cc74ba383ffcb0b25c5
The SecLogon service does not sanitize standard handles when creating a new process, which leads to a system service thread pool handle being duplicated into a user-accessible process. This can be used to elevate privileges to Local System.
1503dd54222782a3e53678913f5880565b05a932180f2498066832dd8aed5905