0x00 引言
Windows 操作系统中包含一项名为 Microsoft Remote Registry Service(远程注册表服务)的功能,允许用户通过网络远程访问和管理目标系统的注册表内容。
0x01 漏洞概述
该漏洞的成因在于,当 Microsoft Remote Registry 客户端检测到 SMB 传输不可用时,会自动回退至使用 RPC(远程过程调用)进行认证,并切换到较旧的通信协议(如 TCP/IP),同时采用较低的安全认证级别(RPC_C_AUTHN_LEVEL_CONNECT)。此认证级别无法确保通信的完整性或身份真实性,导致攻击者可借此漏洞拦截 NTLM 身份验证过程,并将认证凭据中继至其他服务(例如 ADCS),从而实施 NTLM 中继攻击。通过该方式,攻击者可能非法创建域管理员账户,甚至完全控制整个域环境。
0x02 CVE 编号
CVE-2024-43532
0x03 受影响版本
英特尔AI工具
英特尔AI与机器学习解决方案
70 查看详情
Windows Server 2012 R2 (Server Core installation)Windows Server 2012 R2Windows Server 2012 (Server Core installation)Windows Server 2012Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)Windows Server 2008 R2 for x64-based Systems Service Pack 1Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation)Windows Server 2008 for x64-based Systems Service Pack 2Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation)Windows Server 2008 for 32-bit Systems Service Pack 2Windows Server 2016 (Server Core installation)Windows Server 2016Windows 10 Version 1607 for x64-based SystemsWindows 10 Version 1607 for 32-bit SystemsWindows 10 for x64-based SystemsWindows 10 for 32-bit SystemsWindows 11 Version 24H2 for x64-based SystemsWindows 11 Version 24H2 for ARM64-based SystemsWindows Server 2022, 23H2 Edition (Server Core installation)Windows 11 Version 23H2 for x64-based SystemsWindows 11 Version 23H2 for ARM64-based SystemsWindows 10 Version 22H2 for 32-bit SystemsWindows 10 Version 22H2 for ARM64-based SystemsWindows 10 Version 22H2 for x64-based SystemsWindows 11 Version 22H2 for x64-based SystemsWindows 11 Version 22H2 for ARM64-based SystemsWindows 10 Version 21H2 for x64-based SystemsWindows 10 Version 21H2 for ARM64-based SystemsWindows 10 Version 21H2 for 32-bit SystemsWindows 11 version 21H2 for ARM64-based SystemsWindows 11 version 21H2 for x64-based SystemsWindows Server 2022 (Server Core installation)Windows Server 2022Windows Server 2019 (Server Core installation)Windows Server 2019Windows 10 Version 1809 for x64-based SystemsWindows 10 Version 1809 for 32-bit Systems
0x04 漏洞验证
POC 地址:
https://www.php.cn/link/5142f159455fdf571ab0d67b89fa64f5
0x05 参考资料
https://www.php.cn/link/f1a64a0e360d5ddaf0a3b33c67e3c016
https://www.php.cn/link/5142f159455fdf571ab0d67b89fa64f5
以上就是CVE-2024-43532|Microsoft Remote Registry Service特权提升漏洞(POC)的详细内容,更多请关注创想鸟其它相关文章!
版权声明:本文内容由互联网用户自发贡献,该文观点仅代表作者本人。本站仅提供信息存储空间服务,不拥有所有权,不承担相关法律责任。
如发现本站有涉嫌抄袭侵权/违法违规的内容, 请发送邮件至 chuangxiangniao@163.com 举报,一经查实,本站将立刻删除。
发布者:程序猿,转转请注明出处:https://www.chuangxiangniao.com/p/593194.html
微信扫一扫 
支付宝扫一扫 
