CVE 2020 16938 Save

Bypassing NTFS permissions to read any files as unprivileged user.

Project README

CVE-2020-16938

CVE-2020-16938 is a vulnerability that allows you to get unrestricted file read capabilities on the entire disk as unprivileged user. The bug was originally found and reported by my friend Jonas. His PoC can be found here.

My version of the exploit consists of a bunch of Windows API calls to get the handle directly without using 7zip, the PoC can be found in the poc folder which mirrors the tweet I created a while ago.

In short, this exploit allows you to dump the entire disk. The dump in itself can be opened using 7zip or any other parser that supports NTFS.

Open Source Agenda is not affiliated with "CVE 2020 16938" Project. README Source: ioncodes/CVE-2020-16938

Stars

188

Open Issues

Last Commit

3 years ago

Repository

ioncodes/CVE-2020-16938

Open Source Agenda Badge

<a href="https://www.opensourceagenda.com/projects/cve-2020-16938"><img src="https://www.opensourceagenda.com/projects/cve-2020-16938/reviews/badge.svg" alt="Open Source Agenda"></a>

Submit Review Review Your Favorite Project

Submit Resource Articles, Courses, Videos

Submit Article Submit a post to our blog

From the blog

Dec 11, 2022

How to Choose Which Programming Language to Learn First?

From the blog

Dec 11, 2022