POC详情: ed55e4aa7b7b6eaf25ed3ce382a9cd3094a5d91c

来源
关联漏洞
标题: Macrium Reflect 安全漏洞 (CVE-2024-55511)
描述:Macrium Reflect是Macrium公司的一款用于 Microsoft Windows 的备份实用程序。 Macrium Reflect 8.1.8017之前版本存在安全漏洞,该漏洞源于存在空指针取消引用,攻击者可以通过执行特制的可执行文件来提升其权限。
描述
A null pointer dereference vulnerability in Macrium Reflect prior to 8.1.8017 allows an attacker to elevate their privileges via executing a specially crafted executable.
介绍
# CVE-2024-55511
 A null pointer dereference vulnerability in Macrium Reflect prior to 8.1.8017 allows an attacker to elevate their privileges via executing a specially crafted executable.

I will write more information about the bug such as my proposed CVSS scores and whatnot later (today or tomorrow).
For now, let's wait for NVD (and others) to add my exploit to the list of references for my CVE.
文件快照

[4.0K] /data/pocs/ed55e4aa7b7b6eaf25ed3ce382a9cd3094a5d91c ├── [4.0K] Binaries │   └── [116K] mrcbt_UNPATCHED.sys ├── [ 402] README.md └── [4.0K] Solution └── [4.0K] CVE-2024-55511 ├── [2.4K] CVE-2024-55511.c ├── [ 208] CVE-2024-55511.h ├── [1.3K] CVE-2024-55511.sln ├── [6.5K] CVE-2024-55511.vcxproj └── [2.1K] Shellcode.asm 3 directories, 7 files
神龙机器人已为您缓存
备注
    1. 建议优先通过来源进行访问。
    2. 如果因为来源失效或无法访问,请发送邮箱到 f.jinxu#gmail.com 索取本地快照(把 # 换成 @)。
    3. 神龙已为您对POC代码进行快照,为了长期维护,请考虑为本地POC付费,感谢您的支持。