标签归档 » CVE-2013-5065

NDProxy Local SYSTEM exploit(CVE-2013-5065)

Recently I post the blog The Shellcode Used in the latest Zero Day Attack Analysis (CVE-2013-5065&CVE-2013-3346) which include the cve-2013-5065 exploit code. And if you read carefully, you can find the details. Now I transfer the assembly code to c code. If execute successfully, it can pop a calc.exe with SYSTEM Privilege. Have fun!

The Shellcode Used in the latest Zero Day Attack Analysis (CVE-2013-5065&CVE-2013-3346)

Now I show the shellcode and show what the shellcode do. That’s a cool thing to analyze the 0day attacking sample.