分析文章在这里:
https://mp.weixin.qq.com/s/9W9puJltbK-xto2A1duqgQ
https://www.zoemurmure.top/posts/cve_2023_21768/
根据 Patch Tuesday -> Exploit Wednesday: Pwning Windows Ancillary Function Driver for WinSock (afd.sys) in 24 Hours 自己编写出来的,添加了提权后的 cleanup 代码,可成功实现提权。测试平台:Windows 11 22621.963 Windows Feature Experience Pack 1000.22638.1000.0
运行截图:
提权成功:
