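- https://msrc.microsoft.com/update-guide: official patch information for each KB
- https://bugs.hacking8.com/tiquan: look up the corresponding exp by KB patch number or systeminfo output
- 【Extracting and Diffing Windows Patches in 2020】: extracting and analyzing patches from Windows updates (includes code)
- 【Bindiff】: binary diffing tool
- 【winbindex】: a website for obtaining Windows binary files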
- https://github.com/ycdxsb/WindowsPrivilegeEscalation
- https://github.com/Heptagrams/Heptagram/tree/master/Windows/Elevation
- https://www.anquanke.com/post/id/209329
- https://0xeb-bp.com/blog/2020/06/15/cve-2020-1054-analysis.html
- https://bbs.pediy.com/thread-260884.htm
Affected versions: v1903, v1909
- Analyse
- Exp: succeeds on v1903/v1909
- https://docs.microsoft.com/en-us/windows/win32/bits/background-intelligent-transfer-service-portal
- https://xz.aliyun.com/t/7935
- https://itm4n.github.io/cve-2020-0787-windows-bits-eop/
- https://github.com/itm4n/BitsArbitraryFileMove
- https://github.com/cbwang505/CVE-2020-0787-EXP-ALL-WINDOWS-VERSION
- https://packetstormsecurity.com/files/158056/Background-Intelligent-Transfer-Service-Privilege-Escalation.html
- https://blog.ycdxsb.cn/57177eae.html
- http://repwn.com/archives/26/
- https://sensepost.com/blog/2017/exploiting-ms16-098-rgnobj-integer-overflow-on-windows-8.1-x64-bit-by-abusing-gdi-objects/
- https://xz.aliyun.com/t/2919
- https://security.tencent.com/index.php/blog/msg/117
- https://www.anquanke.com/post/id/85302
- https://paper.seebug.org/1439/
- https://paper.seebug.org/873/
- https://xz.aliyun.com/t/4549
- https://xz.aliyun.com/t/8984
- https://0x3f97.github.io/exploit/2018/11/09/windows-kernel-exploit-uaf-cve-2015-0057/
- https://www.blackhat.com/docs/asia-16/materials/asia-16-Wang-A-New-CVE-2015-0057-Exploit-Technology-wp.pdf
- https://research.nccgroup.com/wp-content/uploads/2020/12/Exploiting-CVE-2015.pdf
- https://github.com/0x3f97/windows-kernel-exploit/blob/master/cve-2015-0057/poc/main.cpp