CVE-2020-0796
CVE-2020-0796 - Windows SMBv3 LPE exploit #SMBGhost (by danigargu)
CVE-2022-21894
baton drop (CVE-2022-21894): Secure Boot Security Feature Bypass Vulnerability (by Wack0)
CVE-2020-0796 | CVE-2022-21894
---|---
2 | 5
1,286 | 276
- | -
0.0 | 2.4
over 3 years ago | 7 months ago
C | C
- | The Unlicense
The number of mentions indicates the total number of mentions that we've tracked plus the number of user suggested alternatives.
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
CVE-2020-0796
Posts with mentions or reviews of CVE-2020-0796.
We have used some of these posts to build our list of alternatives and similar projects.
- Compiling exploits (SMBGhost)
  Can someone tell me how to compile an exploit with both an .sln and a .cpp? Here is the exploit specifically: https://github.com/danigargu/CVE-2020-0796 I know I need to edit the .cpp with my own payload but I don't know if I'm supposed to open the sln or the cpp in Visual Studio and compile it?
- Visual Studio needed for exam?
  You might want to link to the github.com repo instead https://github.com/danigargu/CVE-2020-0796
CVE-2022-21894
Posts with mentions or reviews of CVE-2022-21894.
We have used some of these posts to build our list of alternatives and similar projects. The last one was on 2023-03-08.
- Stealthy UEFI malware bypassing Secure Boot enabled by unpatchable Windows flaw
  ESET described what BlackLotus does to exploit baton drop:
- BlackLotus UEFI bootkit: Myth confirmed
  CVE-2022-21894 PoC: Secure Boot Security Feature Bypass Vulnerability https://github.com/Wack0/CVE-2022-21894
- First in-the-wild UEFI bootkit bypassing UEFI Secure Boot
  The write-up I saw suggests that revoking the Windows bootloader would cause existing install and restore images to fail to boot even with Secure Boot disabled because it checks its own signature, which would be pretty amazing if true: https://github.com/Wack0/CVE-2022-21894
- Baton Drop (CVE-2022-21894): Secure Boot Security Feature Bypass Vulnerability
What are some alternatives?
When comparing CVE-2020-0796 and CVE-2022-21894 you can also consider the following projects:
windows-kernel-exploits - windows-kernel-exploits: a collection of privilege escalation vulnerabilities for the Windows platform
Ventoy - A new bootable USB solution.
CVE-2021-4034 - PoC for PwnKit: Local Privilege Escalation Vulnerability in polkit’s pkexec (CVE-2021-4034)
bootkit-samples - Bootkit sample for firmware attack
universal-otherapp - Userland -> Kernel11 -> Arm9 otherapp for 3DS system versions 1.0 to <= 11.15
AreWeAntiCheatYet - A comprehensive and crowd-sourced list of games using anti-cheats and their compatibility with GNU/Linux or Wine.