clfs cve denial-of-service kernel-driver reverse-engineering vulnerability vulnerability-research windows imhex imhex-pattern integer-overflow pwntools

CVE-2023-36900

About this vulnerability: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36900.
Writeup
Imhex pattern for .blf extension
Header with declaration of CLFS structures
Denial-of-Service proof of concept

Imhex pattern for blf extension

Before:

After:

The pattern is far from ideal, but it can be useful. Link

How to use:

File->Import->Pattern File

Denial of Service proof of concept

The proof of concept requres python and the pwntools module installed. Because testing has to be done on a specific build of Windows, to prevent Microsoft from updating your OS, it must not be connected to the Internet. Therefore, all dependencies need to be installed offline. How to install python modules without internet.
To run POC, copy the folder with POC to target machine and use following command:

python launch.py DoS

About

Denial-of-Service PoC | Writeup | Header with CLFS structures | Imhex pattern for .blf extension

clfs cve denial-of-service kernel-driver reverse-engineering vulnerability vulnerability-research windows imhex imhex-pattern integer-overflow pwntools

Languages

Language:C++ 41.8%Language:Python 36.9%Language:C 21.4%