admin/Microsoft_Kernel_Memory_Leak
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

1

Browse Source
This commit is contained in:
琴心
2021-10-14 15:34:03 +08:00
parent d961dff7bd
commit af128aa79b
3 changed files with 13 additions and 6 deletions
Download Patch File Download Diff File Expand all files Collapse all files

BIN
10.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 225 KiB

BIN
9.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 93 KiB

19
README.md
View File

@@ -75,7 +75,7 @@ int main()
### win32kbase!NtDCompositionCommitSynchronizationObject ### win32kbase!NtDCompositionCommitSynchronizationObject
This Leak Point was non patch in windows 21h1(Not sure if the new patch fixes it) This Leak Point was non patch in windows 21h1
the full callstack: the full callstack:
@@ -109,15 +109,22 @@ in MSDN about "SeQueryInformationToken"
well , it doesn't seem to have been released well , it doesn't seem to have been released
### poc ### poc
None Because of time,but you can reappearance it by NtCallFuzz tool in Credit pool memory in windbg:
![](9.png)
No more code because of time,but you can reappearance it by NtCallFuzz tool in Credit
test time: 2021/10/14
![](10.png)
### Credit ### Credit
@[huoji][https://github.com/huoji120]
@[hfiref0x](https://github.com/hfiref0x) and [Windows NtCall Fuzz Tools][https://github.com/hfiref0x/NtCall64] @[hfiref0x](https://github.com/hfiref0x) and [Windows NtCall Fuzz Tools][https://github.com/hfiref0x/NtCall64]
@[huoji][https://github.com/huoji120]
@[heromantf][https://github.com/heromantf]