CVE-2022-34715-POC pcap
2022-9-14 18:53:16 Author: Ots安全

nfssvr.sys version 10.0.20348.825

0: kd> r
rax=0000000080000001 rbx=0000000000000000 rcx=ffffde87fe461150
rdx=0000000000000000 rsi=fffff8040811aa50 rdi=0000000000000008
rip=fffff80408067dbb rsp=ffffb400eb3e2630 rbp=ffffb400eb3e26b9
 r8=0000001000000020  r9=ffff870fe95d40a4 r10=fffff80409b8cec0
r11=0000000000000381 r12=0000000080000001 r13=0000000000000002
r14=ffffde87fe461150 r15=fffff8040810d898
iopl=0         nv up ei pl nz na pe nc
cs=0010  ss=0018  ds=002b  es=002b  fs=0053  gs=002b             efl=00040202
nfssvr!Nfs4SrvAclBuildWindowsAclsFromNfsAcl+0x39f:
fffff804`08067dbb e880f10900      call    nfssvr!memset (fffff804`08106f40)

0: kd> !pool rcx
Pool page ffffde87fe461150 region is Paged pool
 ffffde87fe461020 size:   30 previous size:    0  (Allocated)  CMNb
 ffffde87fe461050 size:   30 previous size:    0  (Allocated)  FLSk
 ffffde87fe461080 size:   30 previous size:    0  (Free)       Ntf0
 ffffde87fe4610b0 size:   30 previous size:    0  (Free)       SeUs
 ffffde87fe4610e0 size:   30 previous size:    0  (Allocated)  CMNb
 ffffde87fe461110 size:   30 previous size:    0  (Allocated)  Ntf0
*ffffde87fe461140 size:   30 previous size:    0  (Allocated) *TEMP
    Owning component : Unknown (update pooltag.txt)

1: kd> g
KDTARGET: Refreshing KD connection...
nt!DbgBreakPointWithStatus:
fffff803`06c2f460 cc              int     3

1: kd> k
 # Child-SP          RetAddr               Call Site
00 ffffbf0f`b8e449e8 fffff803`06d643d2     nt!DbgBreakPointWithStatus
01 ffffbf0f`b8e449f0 fffff803`06d63c1d     nt!KiBugCheckDebugBreak+0x12
02 ffffbf0f`b8e44a50 fffff803`06c26ef7     nt!KeBugCheck2+0xa7d
03 ffffbf0f`b8e451b0 fffff803`06aea9a7     nt!KeBugCheckEx+0x107
04 ffffbf0f`b8e451f0 fffff803`06ac486e     nt!MiSystemFault+0xa77
05 ffffbf0f`b8e452f0 fffff803`06c359b5     nt!MmAccessFault+0x2ee
06 ffffbf0f`b8e45490 fffff803`04d270b5     nt!KiPageFault+0x335
07 ffffbf0f`b8e45620 fffff803`04c87dc0     nfssvr!_memset_repmovs+0x35
08 ffffbf0f`b8e45630 fffff803`04c7af07     nfssvr!Nfs4SrvAclBuildWindowsAclsFromNfsAcl+0x3a4
09 ffffbf0f`b8e45710 fffff803`04c7cd47     nfssvr!Nfs4SrvFhcpSet_fattr4_acl+0x37
0a ffffbf0f`b8e45750 fffff803`04c40fba     nfssvr!Nfs4SrvFhcSetAttributes+0x333
0b ffffbf0f`b8e45830 fffff803`04c29fac     nfssvr!Nfs4SrvOpSetAttr+0x36a
0c ffffbf0f`b8e458e0 fffff803`04c2a52e     nfssvr!Nfs4SrvCpProcessCompound+0x4cc
0d ffffbf0f`b8e45980 fffff803`04c2a755     nfssvr!Nfs4SrvInPacketInternal+0x262
0e ffffbf0f`b8e459f0 fffff803`04c2177f     nfssvr!Nfs4SrvDispatch+0x125
0f ffffbf0f`b8e45a30 fffff803`04c219e1     nfssvr!NfsSrvMessage+0x5b3
10 ffffbf0f`b8e45ad0 fffff803`0b5d5938     nfssvr!NfsSrvTcpMessage+0x11
11 ffffbf0f`b8e45b00 00000000`00000000     0xfffff803`0b5d5938

Source: http://mp.weixin.qq.com/s?__biz=MzAxMjYyMzkwOA==&mid=2247495532&idx=2&sn=50786e39e08a2eaff1eaa1451a1f44ec&chksm=9bada627acda2f318bd9e1405d81be1e7029f42719aedb4556e1b7424304ab82b922f702480c#rd