index.html

<!DOCTYPE html>
<html class="no-js" lang="en">
<head>
	<meta name="generator" content="Hugo 0.109.0">
	<meta charset="UTF-8">
	<meta name="viewport" content="width=device-width, initial-scale=1">
	<meta http-equiv="X-UA-Compatible" content="IE=edge">
	<title>Logic Security 逻辑门</title>
	<script>(function(d,e){d[e]=d[e].replace("no-js","js");})(document.documentElement,"className");</script>
	<meta name="description" content="zoemurmure 的安全博客，讨论有关漏洞分析与利用的问题，欢迎通过邮箱进行交流~">
		<meta property="og:title" content="Logic Security 逻辑门" />
<meta property="og:description" content="zoemurmure 的安全博客，讨论有关漏洞分析与利用的问题，欢迎通过邮箱进行交流~" />
<meta property="og:type" content="website" />
<meta property="og:url" content="https://www.zoemurmure.top/" />

		<meta itemprop="name" content="Logic Security 逻辑门">
<meta itemprop="description" content="zoemurmure 的安全博客，讨论有关漏洞分析与利用的问题，欢迎通过邮箱进行交流~">
	<link rel="preconnect" href="https://fonts.gstatic.com" crossorigin>
	<link rel="dns-prefetch" href="//fonts.googleapis.com">
	<link rel="dns-prefetch" href="//fonts.gstatic.com">
	<link rel="stylesheet" href="https://fonts.googleapis.com/css?family=Open+Sans:400,400i,700">

	<link rel="stylesheet" href="/css/style.css">
	<link rel="stylesheet" href="/css/custom.css">
	<link rel="alternate" type="application/rss+xml" href="/index.xml" title="Logic Security 逻辑门">

	<link rel="shortcut icon" href="/favicon.ico">
		
<script async src="https://www.googletagmanager.com/gtag/js?id=G-CPJWE5ZVG9"></script>
<script>
var doNotTrack = false;
if (!doNotTrack) {
	window.dataLayer = window.dataLayer || [];
	function gtag(){dataLayer.push(arguments);}
	gtag('js', new Date());
	gtag('config', 'G-CPJWE5ZVG9', { 'anonymize_ip': false });
}
</script>

</head>
<body class="body">
	<div class="container container--outer">
		<header class="header">
	<div class="container header__container">
		
	<div class="logo logo--mixed">
		<a class="logo__link" href="/" title="Logic Security 逻辑门" rel="home">
			<div class="logo__item logo__imagebox">
					<img class="logo__img" src="/img/blog_img.png">
				</div><div class="logo__item logo__text">
					<div class="logo__title">Logic Security 逻辑门</div>
					<div class="logo__tagline">欢迎关注同名微信公众号：逻辑门(*^_^*)</div>
				</div>
		</a>
	</div>
		
<nav class="menu">
	<button class="menu__btn" aria-haspopup="true" aria-expanded="false" tabindex="0">
		<span class="menu__btn-title" tabindex="-1">Menu</span>
	</button>
	<ul class="menu__list">
		<li class="menu__item">
			<a class="menu__link" href="/">
				
				<span class="menu__text">Home</span>
				
			</a>
		</li>
		<li class="menu__item">
			<a class="menu__link" href="/history/">
				
				<span class="menu__text">历史文章</span>
				
			</a>
		</li>
	</ul>
</nav>

	</div>
</header>
		<div class="wrapper flex">
			<div class="primary">
			
<main class="main list" role="main">
	<article class="list__item post">
	
	<header class="list__header">
		<h2 class="list__title post__title">
			<a href="/posts/cve_2024_43560/" rel="bookmark">
			[CVE-2024-43560] Windows 存储端口驱动程序权限提升漏洞
			</a>
		</h2>
		<div class="list__meta meta"><div class="meta__item-author meta__item">
	<svg class="meta__icon icon icon-author" width="16" height="16" viewBox="0 0 12 16"><path d="M6 1c2.2 0 3.5 2 3.5 4.5C9.5 7 8.9 8.2 8 9c2.9.8 4 2.5 4 5v1H0v-1c0-2.5 1.1-4.2 4-5-.9-.8-1.5-2-1.5-3.5C2.5 3 3.8 1 6 1z"/></svg><span class="meta__text">zoemurmure</span>
</div>
<div class="meta__item-datetime meta__item">
	<svg class="meta__icon icon icon-time" width="16" height="14" viewBox="0 0 30 28"><path d="M15 0C7 0 1 6 1 14s6 14 14 14 14-6 14-14S23 0 15 0zm0 25C9 25 4 20 4 14S9 3 15 3s11 5 11 11-5 11-11 11zm1-18h-2v8.4l6.8 4.4L22 18l-6-3.8V7z"/></svg><time class="meta__text" datetime="2024-10-21T18:15:39&#43;08:00">2024-10-21</time></div>


    <span id="busuanzi_container_page_pv">|<span id="busuanzi_value_page_pv"></span><span>
    <span class="post-date">共3001字</span>，阅读约<span class="more-meta"> 6 分钟</span>

<div class="meta__item-categories meta__item"><svg class="meta__icon icon icon-category" width="16" height="16" viewBox="0 0 16 16"><path d="m7 2l1 2h8v11h-16v-13z"/></svg><span class="meta__text"><a class="meta__link" href="/categories/%E6%BC%8F%E6%B4%9E%E5%88%86%E6%9E%90/" rel="category">漏洞分析</a>
	</span>
</div></div>
	</header>
	<div class="content list__excerpt post__content clearfix">
		1. 背景知识 根据漏洞名称(Microsoft Windows Storage Port Driver)搜索确定对应文件为 storport.sys，该驱动用于计算机和高性能存储设备之
	</div>
	<div class="list__footer clearfix">
		<a class="list__footer-readmore btn" href="/posts/cve_2024_43560/">Read more…</a>
	</div>
</article><article class="list__item post">
	
	<header class="list__header">
		<h2 class="list__title post__title">
			<a href="/posts/windows_downdate/" rel="bookmark">
			[学习笔记]Windows Downdate 漏洞挖掘和利用学习
			</a>
		</h2>
		<div class="list__meta meta"><div class="meta__item-author meta__item">
	<svg class="meta__icon icon icon-author" width="16" height="16" viewBox="0 0 12 16"><path d="M6 1c2.2 0 3.5 2 3.5 4.5C9.5 7 8.9 8.2 8 9c2.9.8 4 2.5 4 5v1H0v-1c0-2.5 1.1-4.2 4-5-.9-.8-1.5-2-1.5-3.5C2.5 3 3.8 1 6 1z"/></svg><span class="meta__text">zoemurmure</span>
</div>
<div class="meta__item-datetime meta__item">
	<svg class="meta__icon icon icon-time" width="16" height="14" viewBox="0 0 30 28"><path d="M15 0C7 0 1 6 1 14s6 14 14 14 14-6 14-14S23 0 15 0zm0 25C9 25 4 20 4 14S9 3 15 3s11 5 11 11-5 11-11 11zm1-18h-2v8.4l6.8 4.4L22 18l-6-3.8V7z"/></svg><time class="meta__text" datetime="2024-08-27T15:55:41&#43;08:00">2024-08-27</time></div>


    <span id="busuanzi_container_page_pv">|<span id="busuanzi_value_page_pv"></span><span>
    <span class="post-date">共2984字</span>，阅读约<span class="more-meta"> 6 分钟</span>

<div class="meta__item-categories meta__item"><svg class="meta__icon icon icon-category" width="16" height="16" viewBox="0 0 16 16"><path d="m7 2l1 2h8v11h-16v-13z"/></svg><span class="meta__text"><a class="meta__link" href="/categories/%E6%BC%8F%E6%B4%9E%E5%88%86%E6%9E%90/" rel="category">漏洞分析</a>
	</span>
</div></div>
	</header>
	<div class="content list__excerpt post__content clearfix">
		简述 在这篇文章中，作者通过检查 Windows Update 的结构及流程，发现了其中存在的漏洞。在 Administrator 的权限下，攻击者可以通过修改注册表键值，任意控制系统文件，对其进行
	</div>
	<div class="list__footer clearfix">
		<a class="list__footer-readmore btn" href="/posts/windows_downdate/">Read more…</a>
	</div>
</article><article class="list__item post">
	
	<header class="list__header">
		<h2 class="list__title post__title">
			<a href="/posts/cve_2023_24949/" rel="bookmark">
			[CVE-2023-24949] Windows 内核提权漏洞分析
			</a>
		</h2>
		<div class="list__meta meta"><div class="meta__item-author meta__item">
	<svg class="meta__icon icon icon-author" width="16" height="16" viewBox="0 0 12 16"><path d="M6 1c2.2 0 3.5 2 3.5 4.5C9.5 7 8.9 8.2 8 9c2.9.8 4 2.5 4 5v1H0v-1c0-2.5 1.1-4.2 4-5-.9-.8-1.5-2-1.5-3.5C2.5 3 3.8 1 6 1z"/></svg><span class="meta__text">zoemurmure</span>
</div>
<div class="meta__item-datetime meta__item">
	<svg class="meta__icon icon icon-time" width="16" height="14" viewBox="0 0 30 28"><path d="M15 0C7 0 1 6 1 14s6 14 14 14 14-6 14-14S23 0 15 0zm0 25C9 25 4 20 4 14S9 3 15 3s11 5 11 11-5 11-11 11zm1-18h-2v8.4l6.8 4.4L22 18l-6-3.8V7z"/></svg><time class="meta__text" datetime="2023-06-12T16:57:51&#43;08:00">2023-06-12</time></div>


    <span id="busuanzi_container_page_pv">|<span id="busuanzi_value_page_pv"></span><span>
    <span class="post-date">共5274字</span>，阅读约<span class="more-meta"> 11 分钟</span>

<div class="meta__item-categories meta__item"><svg class="meta__icon icon icon-category" width="16" height="16" viewBox="0 0 16 16"><path d="m7 2l1 2h8v11h-16v-13z"/></svg><span class="meta__text"><a class="meta__link" href="/categories/%E6%BC%8F%E6%B4%9E%E5%88%86%E6%9E%90/" rel="category">漏洞分析</a>
	</span>
</div></div>
	</header>
	<div class="content list__excerpt post__content clearfix">
		0. 前言 这篇文章介绍了 CVE-2023-24949 漏洞，该漏洞英文全称是 “Windows Kernel Elevation of Privilege Vulnerability”，由此判断漏洞位于 ntoskrnl.exe 中。根据官方说明，攻击者
	</div>
	<div class="list__footer clearfix">
		<a class="list__footer-readmore btn" href="/posts/cve_2023_24949/">Read more…</a>
	</div>
</article><article class="list__item post">
	
	<header class="list__header">
		<h2 class="list__title post__title">
			<a href="/posts/cve_2023_21554/" rel="bookmark">
			[CVE-2023-21554] Windows Message Queuing 远程代码执行漏洞分析
			</a>
		</h2>
		<div class="list__meta meta"><div class="meta__item-author meta__item">
	<svg class="meta__icon icon icon-author" width="16" height="16" viewBox="0 0 12 16"><path d="M6 1c2.2 0 3.5 2 3.5 4.5C9.5 7 8.9 8.2 8 9c2.9.8 4 2.5 4 5v1H0v-1c0-2.5 1.1-4.2 4-5-.9-.8-1.5-2-1.5-3.5C2.5 3 3.8 1 6 1z"/></svg><span class="meta__text">zoemurmure</span>
</div>
<div class="meta__item-datetime meta__item">
	<svg class="meta__icon icon icon-time" width="16" height="14" viewBox="0 0 30 28"><path d="M15 0C7 0 1 6 1 14s6 14 14 14 14-6 14-14S23 0 15 0zm0 25C9 25 4 20 4 14S9 3 15 3s11 5 11 11-5 11-11 11zm1-18h-2v8.4l6.8 4.4L22 18l-6-3.8V7z"/></svg><time class="meta__text" datetime="2023-05-17T17:14:55&#43;08:00">2023-05-17</time></div>


    <span id="busuanzi_container_page_pv">|<span id="busuanzi_value_page_pv"></span><span>
    <span class="post-date">共5796字</span>，阅读约<span class="more-meta"> 12 分钟</span>

<div class="meta__item-categories meta__item"><svg class="meta__icon icon icon-category" width="16" height="16" viewBox="0 0 16 16"><path d="m7 2l1 2h8v11h-16v-13z"/></svg><span class="meta__text"><a class="meta__link" href="/categories/%E6%BC%8F%E6%B4%9E%E5%88%86%E6%9E%90/" rel="category">漏洞分析</a>
	</span>
</div></div>
	</header>
	<div class="content list__excerpt post__content clearfix">
		0. 前言 这篇文章介绍了 CVE-2023-21554 漏洞，该漏洞存在于微软的消息队列 (MSMQ) 服务中，由于该服务没有正确对数据包中的数据进行验证，攻击者利用该漏洞可以实现远程命令
	</div>
	<div class="list__footer clearfix">
		<a class="list__footer-readmore btn" href="/posts/cve_2023_21554/">Read more…</a>
	</div>
</article><article class="list__item post">
	
	<header class="list__header">
		<h2 class="list__title post__title">
			<a href="/posts/cve_2023_21768/" rel="bookmark">
			CVE-2023-21768 AFD for WinSock 提权漏洞利用思路探索
			</a>
		</h2>
		<div class="list__meta meta"><div class="meta__item-author meta__item">
	<svg class="meta__icon icon icon-author" width="16" height="16" viewBox="0 0 12 16"><path d="M6 1c2.2 0 3.5 2 3.5 4.5C9.5 7 8.9 8.2 8 9c2.9.8 4 2.5 4 5v1H0v-1c0-2.5 1.1-4.2 4-5-.9-.8-1.5-2-1.5-3.5C2.5 3 3.8 1 6 1z"/></svg><span class="meta__text">zoemurmure</span>
</div>
<div class="meta__item-datetime meta__item">
	<svg class="meta__icon icon icon-time" width="16" height="14" viewBox="0 0 30 28"><path d="M15 0C7 0 1 6 1 14s6 14 14 14 14-6 14-14S23 0 15 0zm0 25C9 25 4 20 4 14S9 3 15 3s11 5 11 11-5 11-11 11zm1-18h-2v8.4l6.8 4.4L22 18l-6-3.8V7z"/></svg><time class="meta__text" datetime="2023-04-21T09:52:44&#43;08:00">2023-04-21</time></div>


    <span id="busuanzi_container_page_pv">|<span id="busuanzi_value_page_pv"></span><span>
    <span class="post-date">共7637字</span>，阅读约<span class="more-meta"> 16 分钟</span>

<div class="meta__item-categories meta__item"><svg class="meta__icon icon icon-category" width="16" height="16" viewBox="0 0 16 16"><path d="m7 2l1 2h8v11h-16v-13z"/></svg><span class="meta__text"><a class="meta__link" href="/categories/%E6%BC%8F%E6%B4%9E%E5%88%86%E6%9E%90/" rel="category">漏洞分析</a>
	</span>
</div></div>
	</header>
	<div class="content list__excerpt post__content clearfix">
		1. 前言 这篇文章分析了 CVE-2023-21768 漏洞，该漏洞存在于 Windows 操作系统的 AFD 驱动程序中。文章中原文指代参考链接[1]的文章，通过对该篇文章的学习，我复现并重新编写
	</div>
	<div class="list__footer clearfix">
		<a class="list__footer-readmore btn" href="/posts/cve_2023_21768/">Read more…</a>
	</div>
</article><article class="list__item post">
	
	<header class="list__header">
		<h2 class="list__title post__title">
			<a href="/posts/win32k_1732_21881/" rel="bookmark">
			Win32k 类型混淆漏洞分析指南
			</a>
		</h2>
		<div class="list__meta meta"><div class="meta__item-author meta__item">
	<svg class="meta__icon icon icon-author" width="16" height="16" viewBox="0 0 12 16"><path d="M6 1c2.2 0 3.5 2 3.5 4.5C9.5 7 8.9 8.2 8 9c2.9.8 4 2.5 4 5v1H0v-1c0-2.5 1.1-4.2 4-5-.9-.8-1.5-2-1.5-3.5C2.5 3 3.8 1 6 1z"/></svg><span class="meta__text">zoemurmure</span>
</div>
<div class="meta__item-datetime meta__item">
	<svg class="meta__icon icon icon-time" width="16" height="14" viewBox="0 0 30 28"><path d="M15 0C7 0 1 6 1 14s6 14 14 14 14-6 14-14S23 0 15 0zm0 25C9 25 4 20 4 14S9 3 15 3s11 5 11 11-5 11-11 11zm1-18h-2v8.4l6.8 4.4L22 18l-6-3.8V7z"/></svg><time class="meta__text" datetime="2023-02-07T14:25:08&#43;08:00">2023-02-07</time></div>


    <span id="busuanzi_container_page_pv">|<span id="busuanzi_value_page_pv"></span><span>
    <span class="post-date">共7975字</span>，阅读约<span class="more-meta"> 16 分钟</span>

<div class="meta__item-categories meta__item"><svg class="meta__icon icon icon-category" width="16" height="16" viewBox="0 0 16 16"><path d="m7 2l1 2h8v11h-16v-13z"/></svg><span class="meta__text"><a class="meta__link" href="/categories/%E6%BC%8F%E6%B4%9E%E5%88%86%E6%9E%90/" rel="category">漏洞分析</a>
	</span>
</div></div>
	</header>
	<div class="content list__excerpt post__content clearfix">
		0. 前言 众所周知，win32k 在近几年为 Windows 提权漏洞贡献了很多力量，我也一直想搞清楚这类漏洞的原理，为此看了很多相关论文。但是作为一个内核漏洞研
	</div>
	<div class="list__footer clearfix">
		<a class="list__footer-readmore btn" href="/posts/win32k_1732_21881/">Read more…</a>
	</div>
</article><article class="list__item post">
	
	<header class="list__header">
		<h2 class="list__title post__title">
			<a href="/posts/cve_2023_21752_1/" rel="bookmark">
			[CVE-2023-21752] Windows Backup Service 本地提权漏洞分析
			</a>
		</h2>
		<div class="list__meta meta"><div class="meta__item-author meta__item">
	<svg class="meta__icon icon icon-author" width="16" height="16" viewBox="0 0 12 16"><path d="M6 1c2.2 0 3.5 2 3.5 4.5C9.5 7 8.9 8.2 8 9c2.9.8 4 2.5 4 5v1H0v-1c0-2.5 1.1-4.2 4-5-.9-.8-1.5-2-1.5-3.5C2.5 3 3.8 1 6 1z"/></svg><span class="meta__text">zoemurmure</span>
</div>
<div class="meta__item-datetime meta__item">
	<svg class="meta__icon icon icon-time" width="16" height="14" viewBox="0 0 30 28"><path d="M15 0C7 0 1 6 1 14s6 14 14 14 14-6 14-14S23 0 15 0zm0 25C9 25 4 20 4 14S9 3 15 3s11 5 11 11-5 11-11 11zm1-18h-2v8.4l6.8 4.4L22 18l-6-3.8V7z"/></svg><time class="meta__text" datetime="2023-01-17T19:06:30&#43;08:00">2023-01-17</time></div>


    <span id="busuanzi_container_page_pv">|<span id="busuanzi_value_page_pv"></span><span>
    <span class="post-date">共5072字</span>，阅读约<span class="more-meta"> 11 分钟</span>

<div class="meta__item-categories meta__item"><svg class="meta__icon icon icon-category" width="16" height="16" viewBox="0 0 16 16"><path d="m7 2l1 2h8v11h-16v-13z"/></svg><span class="meta__text"><a class="meta__link" href="/categories/%E6%BC%8F%E6%B4%9E%E5%88%86%E6%9E%90/" rel="category">漏洞分析</a>
	</span>
</div></div>
	</header>
	<div class="content list__excerpt post__content clearfix">
		0. 前言 CVE-2023-21752 是 2023 年开年微软第一个有 exploit 的漏洞，原本以为有利用代码会很好分析，但是结果花费了很长时间，难点主要了两个：漏洞点定位和漏洞利用代码分析，
	</div>
	<div class="list__footer clearfix">
		<a class="list__footer-readmore btn" href="/posts/cve_2023_21752_1/">Read more…</a>
	</div>
</article><article class="list__item post">
	
	<header class="list__header">
		<h2 class="list__title post__title">
			<a href="/posts/csrss_base/" rel="bookmark">
			CSRSS 基础知识
			</a>
		</h2>
		<div class="list__meta meta"><div class="meta__item-author meta__item">
	<svg class="meta__icon icon icon-author" width="16" height="16" viewBox="0 0 12 16"><path d="M6 1c2.2 0 3.5 2 3.5 4.5C9.5 7 8.9 8.2 8 9c2.9.8 4 2.5 4 5v1H0v-1c0-2.5 1.1-4.2 4-5-.9-.8-1.5-2-1.5-3.5C2.5 3 3.8 1 6 1z"/></svg><span class="meta__text">zoemurmure</span>
</div>
<div class="meta__item-datetime meta__item">
	<svg class="meta__icon icon icon-time" width="16" height="14" viewBox="0 0 30 28"><path d="M15 0C7 0 1 6 1 14s6 14 14 14 14-6 14-14S23 0 15 0zm0 25C9 25 4 20 4 14S9 3 15 3s11 5 11 11-5 11-11 11zm1-18h-2v8.4l6.8 4.4L22 18l-6-3.8V7z"/></svg><time class="meta__text" datetime="2023-01-10T17:07:41&#43;08:00">2023-01-10</time></div>


    <span id="busuanzi_container_page_pv">|<span id="busuanzi_value_page_pv"></span><span>
    <span class="post-date">共5110字</span>，阅读约<span class="more-meta"> 11 分钟</span>

<div class="meta__item-categories meta__item"><svg class="meta__icon icon icon-category" width="16" height="16" viewBox="0 0 16 16"><path d="m7 2l1 2h8v11h-16v-13z"/></svg><span class="meta__text"><a class="meta__link" href="/categories/%E5%9F%BA%E7%A1%80%E7%9F%A5%E8%AF%86/" rel="category">基础知识</a>
	</span>
</div></div>
	</header>
	<div class="content list__excerpt post__content clearfix">
		0. 前言 这是一篇不完整的 csrss 介绍，因为前段时间在看 csrss 相关的漏送，所以对相关的知识做了一下整理，因此你无法只通过这篇文章完全了解 csrss，但是如
	</div>
	<div class="list__footer clearfix">
		<a class="list__footer-readmore btn" href="/posts/csrss_base/">Read more…</a>
	</div>
</article><article class="list__item post">
	
	<header class="list__header">
		<h2 class="list__title post__title">
			<a href="/posts/x64_paging/" rel="bookmark">
			X64 分页机制
			</a>
		</h2>
		<div class="list__meta meta"><div class="meta__item-author meta__item">
	<svg class="meta__icon icon icon-author" width="16" height="16" viewBox="0 0 12 16"><path d="M6 1c2.2 0 3.5 2 3.5 4.5C9.5 7 8.9 8.2 8 9c2.9.8 4 2.5 4 5v1H0v-1c0-2.5 1.1-4.2 4-5-.9-.8-1.5-2-1.5-3.5C2.5 3 3.8 1 6 1z"/></svg><span class="meta__text">zoemurmure</span>
</div>
<div class="meta__item-datetime meta__item">
	<svg class="meta__icon icon icon-time" width="16" height="14" viewBox="0 0 30 28"><path d="M15 0C7 0 1 6 1 14s6 14 14 14 14-6 14-14S23 0 15 0zm0 25C9 25 4 20 4 14S9 3 15 3s11 5 11 11-5 11-11 11zm1-18h-2v8.4l6.8 4.4L22 18l-6-3.8V7z"/></svg><time class="meta__text" datetime="2023-01-10T15:09:38&#43;08:00">2023-01-10</time></div>


    <span id="busuanzi_container_page_pv">|<span id="busuanzi_value_page_pv"></span><span>
    <span class="post-date">共3007字</span>，阅读约<span class="more-meta"> 7 分钟</span>

<div class="meta__item-categories meta__item"><svg class="meta__icon icon icon-category" width="16" height="16" viewBox="0 0 16 16"><path d="m7 2l1 2h8v11h-16v-13z"/></svg><span class="meta__text"><a class="meta__link" href="/categories/%E5%9F%BA%E7%A1%80%E7%9F%A5%E8%AF%86/" rel="category">基础知识</a>
	</span>
</div></div>
	</header>
	<div class="content list__excerpt post__content clearfix">
		前言 在学习 HEVD 的过程中发现有很多知识不了解，这篇文章因此出现，文章内容翻译自参考资料^[1]^，出于学习目的考虑，内容和结构有所调整。 基本定义
	</div>
	<div class="list__footer clearfix">
		<a class="list__footer-readmore btn" href="/posts/x64_paging/">Read more…</a>
	</div>
</article><article class="list__item post">
	
	<header class="list__header">
		<h2 class="list__title post__title">
			<a href="/posts/hevd_stackoberflowgs/" rel="bookmark">
			[HEVD exploit 系列] StackOverflowGS
			</a>
		</h2>
		<div class="list__meta meta"><div class="meta__item-author meta__item">
	<svg class="meta__icon icon icon-author" width="16" height="16" viewBox="0 0 12 16"><path d="M6 1c2.2 0 3.5 2 3.5 4.5C9.5 7 8.9 8.2 8 9c2.9.8 4 2.5 4 5v1H0v-1c0-2.5 1.1-4.2 4-5-.9-.8-1.5-2-1.5-3.5C2.5 3 3.8 1 6 1z"/></svg><span class="meta__text">zoemurmure</span>
</div>
<div class="meta__item-datetime meta__item">
	<svg class="meta__icon icon icon-time" width="16" height="14" viewBox="0 0 30 28"><path d="M15 0C7 0 1 6 1 14s6 14 14 14 14-6 14-14S23 0 15 0zm0 25C9 25 4 20 4 14S9 3 15 3s11 5 11 11-5 11-11 11zm1-18h-2v8.4l6.8 4.4L22 18l-6-3.8V7z"/></svg><time class="meta__text" datetime="2023-01-10T11:18:29&#43;08:00">2023-01-10</time></div>


    <span id="busuanzi_container_page_pv">|<span id="busuanzi_value_page_pv"></span><span>
    <span class="post-date">共5357字</span>，阅读约<span class="more-meta"> 11 分钟</span>

<div class="meta__item-categories meta__item"><svg class="meta__icon icon icon-category" width="16" height="16" viewBox="0 0 16 16"><path d="m7 2l1 2h8v11h-16v-13z"/></svg><span class="meta__text"><a class="meta__link" href="/categories/hevd/" rel="category">HEVD</a>
	</span>
</div></div>
	</header>
	<div class="content list__excerpt post__content clearfix">
		0. 前言 HackSys Extreme Vulnerable Driver (HEVD) 是出于学习内核的漏洞利用技巧而开发的具有多个漏洞的 Windows 驱动程序。本文介绍了 Windows 10 64 位环境下如何绕过带有 /GS 保护措施的栈溢出漏洞，涉
	</div>
	<div class="list__footer clearfix">
		<a class="list__footer-readmore btn" href="/posts/hevd_stackoberflowgs/">Read more…</a>
	</div>
</article><article class="list__item post">
	
	<header class="list__header">
		<h2 class="list__title post__title">
			<a href="/posts/hevd_stackoverflow/" rel="bookmark">
			[HEVD exploit 系列] StackOverflow
			</a>
		</h2>
		<div class="list__meta meta"><div class="meta__item-author meta__item">
	<svg class="meta__icon icon icon-author" width="16" height="16" viewBox="0 0 12 16"><path d="M6 1c2.2 0 3.5 2 3.5 4.5C9.5 7 8.9 8.2 8 9c2.9.8 4 2.5 4 5v1H0v-1c0-2.5 1.1-4.2 4-5-.9-.8-1.5-2-1.5-3.5C2.5 3 3.8 1 6 1z"/></svg><span class="meta__text">zoemurmure</span>
</div>
<div class="meta__item-datetime meta__item">
	<svg class="meta__icon icon icon-time" width="16" height="14" viewBox="0 0 30 28"><path d="M15 0C7 0 1 6 1 14s6 14 14 14 14-6 14-14S23 0 15 0zm0 25C9 25 4 20 4 14S9 3 15 3s11 5 11 11-5 11-11 11zm1-18h-2v8.4l6.8 4.4L22 18l-6-3.8V7z"/></svg><time class="meta__text" datetime="2023-01-10T11:18:24&#43;08:00">2023-01-10</time></div>


    <span id="busuanzi_container_page_pv">|<span id="busuanzi_value_page_pv"></span><span>
    <span class="post-date">共1478字</span>，阅读约<span class="more-meta"> 3 分钟</span>

<div class="meta__item-categories meta__item"><svg class="meta__icon icon icon-category" width="16" height="16" viewBox="0 0 16 16"><path d="m7 2l1 2h8v11h-16v-13z"/></svg><span class="meta__text"><a class="meta__link" href="/categories/hevd/" rel="category">HEVD</a>
	</span>
</div></div>
	</header>
	<div class="content list__excerpt post__content clearfix">
		目标函数 TriggerBufferOverflowStack __int64 __fastcall TriggerBufferOverflowStack(void *Src, unsigned __int64 Size) { char Dst[2048]; // [rsp&#43;20h] [rbp-818h] BYREF memset(Dst, 0, sizeof(Dst)); ProbeForRead(Src, 0x800ui64, 1u); DbgPrintEx(0x4Du, 3u, &amp;#34;[&#43;] UserBuffer: 0x%p\n&amp;#34;, Src); DbgPrintEx(0x4D
	</div>
	<div class="list__footer clearfix">
		<a class="list__footer-readmore btn" href="/posts/hevd_stackoverflow/">Read more…</a>
	</div>
</article>
</main>


			</div>
			<aside class="sidebar"><div class="widget-search widget">
	<form class="widget-search__form" role="search" method="get" action="https://google.com/search">
		<label>
			<input class="widget-search__field" type="search" placeholder="SEARCH…" value="" name="q" aria-label="SEARCH…">
		</label>
		<input class="widget-search__submit" type="submit" value="Search">
		<input type="hidden" name="sitesearch" value="https://www.zoemurmure.top">
	</form>
</div>
<div class="widget-recent widget">
	<h4 class="widget__title">Recent Posts</h4>
	<div class="widget__content">
		<ul class="widget__list">
			<li class="widget__item"><a class="widget__link" href="/posts/cve_2024_43560/">[CVE-2024-43560] Windows 存储端口驱动程序权限提升漏洞</a></li>
			<li class="widget__item"><a class="widget__link" href="/posts/windows_downdate/">[学习笔记]Windows Downdate 漏洞挖掘和利用学习</a></li>
			<li class="widget__item"><a class="widget__link" href="/posts/cve_2023_24949/">[CVE-2023-24949] Windows 内核提权漏洞分析</a></li>
			<li class="widget__item"><a class="widget__link" href="/posts/cve_2023_21554/">[CVE-2023-21554] Windows Message Queuing 远程代码执行漏洞分析</a></li>
			<li class="widget__item"><a class="widget__link" href="/posts/cve_2023_21768/">CVE-2023-21768 AFD for WinSock 提权漏洞利用思路探索</a></li>
		</ul>
	</div>
</div>
<div class="widget-categories widget">
	<h4 class="widget__title">Categories</h4>
	<div class="widget__content">
		<ul class="widget__list">
			<li class="widget__item">
				<a class="widget__link" href="/categories/hevd/">HEVD</a>&nbsp;
				<span class="widget__counter widget__counter--bubble">2</span>
				</li>
			<li class="widget__item">
				<a class="widget__link" href="/categories/%E5%9F%BA%E7%A1%80%E7%9F%A5%E8%AF%86/">基础知识</a>&nbsp;
				<span class="widget__counter widget__counter--bubble">2</span>
				</li>
			<li class="widget__item">
				<a class="widget__link" href="/categories/%E6%BC%8F%E6%B4%9E%E5%88%86%E6%9E%90/">漏洞分析</a>&nbsp;
				<span class="widget__counter widget__counter--bubble">7</span>
				</li>
		</ul>
	</div>
</div>
<div class="widget-taglist widget">
	<h4 class="widget__title">Tags</h4>
	<div class="widget__content">
		<a class="widget-taglist__link widget__link btn" href="/tags/binary/" title="binary">binary (8)</a>
		<a class="widget-taglist__link widget__link btn" href="/tags/cve/" title="cve">cve (6)</a>
		<a class="widget-taglist__link widget__link btn" href="/tags/exploit/" title="exploit">exploit (5)</a>
		<a class="widget-taglist__link widget__link btn" href="/tags/hevd/" title="HEVD">HEVD (2)</a>
		<a class="widget-taglist__link widget__link btn" href="/tags/notes/" title="notes">notes (1)</a>
		<a class="widget-taglist__link widget__link btn" href="/tags/os/" title="os">os (2)</a>
		<a class="widget-taglist__link widget__link btn" href="/tags/poc/" title="poc">poc (2)</a>
	</div>
</div>
<div class="widget-social widget">
	<h4 class="widget-social__title widget__title">Social</h4>
	<div class="widget-social__content widget__content">
		<div class="widget-social__item widget__item">
			<a class="widget-social__link widget__link btn" title="GitHub" rel="noopener noreferrer" href="https://github.com/zoemurmure" target="_blank">
				<svg class="widget-social__link-icon icon icon-github" width="24" height="24" viewBox="0 0 384 374"><path d="m192 0c-106.1 0-192 85.8-192 191.7 0 84.7 55 156.6 131.3 181.9 9.6 1.8 13.1-4.2 13.1-9.2 0-4.6-.2-16.6-.3-32.6-53.4 11.6-64.7-25.7-64.7-25.7-8.7-22.1-21.3-28-21.3-28-17.4-11.9 1.3-11.6 1.3-11.6 19.3 1.4 29.4 19.8 29.4 19.8 17.1 29.3 44.9 20.8 55.9 15.9 1.7-12.4 6.7-20.8 12.2-25.6-42.6-4.8-87.5-21.3-87.5-94.8 0-20.9 7.5-38 19.8-51.4-2-4.9-8.6-24.3 1.9-50.7 0 0 16.1-5.2 52.8 19.7 15.3-4.2 31.7-6.4 48.1-6.5 16.3.1 32.7 2.2 48.1 6.5 36.7-24.8 52.8-19.7 52.8-19.7 10.5 26.4 3.9 45.9 1.9 50.7 12.3 13.4 19.7 30.5 19.7 51.4 0 73.7-44.9 89.9-87.7 94.6 6.9 5.9 13 17.6 13 35.5 0 25.6-.2 46.3-.2 52.6 0 5.1 3.5 11.1 13.2 9.2 76.2-25.5 131.2-97.3 131.2-182 0-105.9-86-191.7-192-191.7z"/></svg>
				<span>GitHub</span>
			</a>
		</div>
		<div class="widget-social__item widget__item">
			<a class="widget-social__link widget__link btn" title="Email" href="mailto:zoemurmure@gmail.com">
				<svg class="widget-social__link-icon icon icon-mail" width="24" height="24" viewBox="0 0 416 288"><path d="m0 16v256 16h16 384 16v-16-256-16h-16-384-16zm347 16-139 92.5-139-92.5zm-148 125.5 9 5.5 9-5.5 167-111.5v210h-352v-210z"/></svg>
				<span>zoemurmure@gmail.com</span>
			</a>
		</div>

		
	</div>
</div>
</aside>
		</div>
		<footer class="footer">
	<div class="container footer__container flex">
		
		<div class="footer__copyright">
			&copy; 2024 Logic Security 逻辑门.
			<span class="footer__copyright-credits">Generated with <a href="https://gohugo.io/" rel="nofollow noopener" target="_blank">Hugo</a> and <a href="https://github.com/Vimux/Mainroad/" rel="nofollow noopener" target="_blank">Mainroad</a> theme.</span>
		</div>
	</div>
</footer>
	</div>
<script async defer src="/js/menu.js"></script>
<script src="/js/custom.js"></script></body>
</html>