windows_downdate(2024-08-27 17:02:19.869945)

404.html

@@ -101,11 +101,11 @@ <h1 class="warning__headline">404. Page not found</h1>
 	<h4 class="widget__title">Recent Posts</h4>
 	<div class="widget__content">
 		<ul class="widget__list">
+			<li class="widget__item"><a class="widget__link" href="/posts/windows_downdate/">[学习笔记]Windows Downdate 漏洞挖掘和利用学习</a></li>
 			<li class="widget__item"><a class="widget__link" href="/posts/cve_2023_24949/">[CVE-2023-24949] Windows 内核提权漏洞分析</a></li>
 			<li class="widget__item"><a class="widget__link" href="/posts/cve_2023_21554/">[CVE-2023-21554] Windows Message Queuing 远程代码执行漏洞分析</a></li>
 			<li class="widget__item"><a class="widget__link" href="/posts/cve_2023_21768/">CVE-2023-21768 AFD for WinSock 提权漏洞利用思路探索</a></li>
 			<li class="widget__item"><a class="widget__link" href="/posts/win32k_1732_21881/">Win32k 类型混淆漏洞分析指南</a></li>
-			<li class="widget__item"><a class="widget__link" href="/posts/cve_2023_21752_1/">[CVE-2023-21752] Windows Backup Service 本地提权漏洞分析</a></li>
 		</ul>
 	</div>
 </div>
@@ -123,7 +123,7 @@ <h4 class="widget__title">Categories</h4>
 				</li>
 			<li class="widget__item">
 				<a class="widget__link" href="/categories/%E6%BC%8F%E6%B4%9E%E5%88%86%E6%9E%90/">漏洞分析</a>&nbsp;
-				<span class="widget__counter widget__counter--bubble">5</span>
+				<span class="widget__counter widget__counter--bubble">6</span>
 				</li>
 		</ul>
 	</div>
@@ -133,8 +133,9 @@ <h4 class="widget__title">Tags</h4>
 	<div class="widget__content">
 		<a class="widget-taglist__link widget__link btn" href="/tags/binary/" title="binary">binary (7)</a>
 		<a class="widget-taglist__link widget__link btn" href="/tags/cve/" title="cve">cve (5)</a>
-		<a class="widget-taglist__link widget__link btn" href="/tags/exploit/" title="exploit">exploit (3)</a>
+		<a class="widget-taglist__link widget__link btn" href="/tags/exploit/" title="exploit">exploit (4)</a>
 		<a class="widget-taglist__link widget__link btn" href="/tags/hevd/" title="HEVD">HEVD (2)</a>
+		<a class="widget-taglist__link widget__link btn" href="/tags/notes/" title="notes">notes (1)</a>
 		<a class="widget-taglist__link widget__link btn" href="/tags/os/" title="os">os (2)</a>
 		<a class="widget-taglist__link widget__link btn" href="/tags/poc/" title="poc">poc (2)</a>
 	</div>
@@ -164,7 +165,7 @@ <h4 class="widget-social__title widget__title">Social</h4>
 	<div class="container footer__container flex">
 
 		<div class="footer__copyright">
-			&copy; 2023 Logic Security 逻辑门.
+			&copy; 2024 Logic Security 逻辑门.
 			<span class="footer__copyright-credits">Generated with <a href="https://gohugo.io/" rel="nofollow noopener" target="_blank">Hugo</a> and <a href="https://github.com/Vimux/Mainroad/" rel="nofollow noopener" target="_blank">Mainroad</a> theme.</span>
 		</div>
 	</div>

categories/hevd/index.html

@@ -158,11 +158,11 @@ <h2 class="list__title post__title">
 	<h4 class="widget__title">Recent Posts</h4>
 	<div class="widget__content">
 		<ul class="widget__list">
+			<li class="widget__item"><a class="widget__link" href="/posts/windows_downdate/">[学习笔记]Windows Downdate 漏洞挖掘和利用学习</a></li>
 			<li class="widget__item"><a class="widget__link" href="/posts/cve_2023_24949/">[CVE-2023-24949] Windows 内核提权漏洞分析</a></li>
 			<li class="widget__item"><a class="widget__link" href="/posts/cve_2023_21554/">[CVE-2023-21554] Windows Message Queuing 远程代码执行漏洞分析</a></li>
 			<li class="widget__item"><a class="widget__link" href="/posts/cve_2023_21768/">CVE-2023-21768 AFD for WinSock 提权漏洞利用思路探索</a></li>
 			<li class="widget__item"><a class="widget__link" href="/posts/win32k_1732_21881/">Win32k 类型混淆漏洞分析指南</a></li>
-			<li class="widget__item"><a class="widget__link" href="/posts/cve_2023_21752_1/">[CVE-2023-21752] Windows Backup Service 本地提权漏洞分析</a></li>
 		</ul>
 	</div>
 </div>
@@ -180,7 +180,7 @@ <h4 class="widget__title">Categories</h4>
 				</li>
 			<li class="widget__item">
 				<a class="widget__link" href="/categories/%E6%BC%8F%E6%B4%9E%E5%88%86%E6%9E%90/">漏洞分析</a>&nbsp;
-				<span class="widget__counter widget__counter--bubble">5</span>
+				<span class="widget__counter widget__counter--bubble">6</span>
 				</li>
 		</ul>
 	</div>
@@ -190,8 +190,9 @@ <h4 class="widget__title">Tags</h4>
 	<div class="widget__content">
 		<a class="widget-taglist__link widget__link btn" href="/tags/binary/" title="binary">binary (7)</a>
 		<a class="widget-taglist__link widget__link btn" href="/tags/cve/" title="cve">cve (5)</a>
-		<a class="widget-taglist__link widget__link btn" href="/tags/exploit/" title="exploit">exploit (3)</a>
+		<a class="widget-taglist__link widget__link btn" href="/tags/exploit/" title="exploit">exploit (4)</a>
 		<a class="widget-taglist__link widget__link btn" href="/tags/hevd/" title="HEVD">HEVD (2)</a>
+		<a class="widget-taglist__link widget__link btn" href="/tags/notes/" title="notes">notes (1)</a>
 		<a class="widget-taglist__link widget__link btn" href="/tags/os/" title="os">os (2)</a>
 		<a class="widget-taglist__link widget__link btn" href="/tags/poc/" title="poc">poc (2)</a>
 	</div>
@@ -221,7 +222,7 @@ <h4 class="widget-social__title widget__title">Social</h4>
 	<div class="container footer__container flex">
 
 		<div class="footer__copyright">
-			&copy; 2023 Logic Security 逻辑门.
+			&copy; 2024 Logic Security 逻辑门.
 			<span class="footer__copyright-credits">Generated with <a href="https://gohugo.io/" rel="nofollow noopener" target="_blank">Hugo</a> and <a href="https://github.com/Vimux/Mainroad/" rel="nofollow noopener" target="_blank">Mainroad</a> theme.</span>
 		</div>
 	</div>

categories/index.html

@@ -95,7 +95,7 @@ <h2 class="list__title post__title">
 	<svg class="meta__icon icon icon-author" width="16" height="16" viewBox="0 0 12 16"><path d="M6 1c2.2 0 3.5 2 3.5 4.5C9.5 7 8.9 8.2 8 9c2.9.8 4 2.5 4 5v1H0v-1c0-2.5 1.1-4.2 4-5-.9-.8-1.5-2-1.5-3.5C2.5 3 3.8 1 6 1z"/></svg><span class="meta__text">zoemurmure</span>
 </div>
 <div class="meta__item-datetime meta__item">
-	<svg class="meta__icon icon icon-time" width="16" height="14" viewBox="0 0 30 28"><path d="M15 0C7 0 1 6 1 14s6 14 14 14 14-6 14-14S23 0 15 0zm0 25C9 25 4 20 4 14S9 3 15 3s11 5 11 11-5 11-11 11zm1-18h-2v8.4l6.8 4.4L22 18l-6-3.8V7z"/></svg><time class="meta__text" datetime="2023-06-12T16:57:51&#43;08:00">2023-06-12</time></div>
+	<svg class="meta__icon icon icon-time" width="16" height="14" viewBox="0 0 30 28"><path d="M15 0C7 0 1 6 1 14s6 14 14 14 14-6 14-14S23 0 15 0zm0 25C9 25 4 20 4 14S9 3 15 3s11 5 11 11-5 11-11 11zm1-18h-2v8.4l6.8 4.4L22 18l-6-3.8V7z"/></svg><time class="meta__text" datetime="2024-08-27T15:55:41&#43;08:00">2024-08-27</time></div>
 
 
     <span id="busuanzi_container_page_pv">|<span id="busuanzi_value_page_pv"></span><span>
@@ -171,11 +171,11 @@ <h2 class="list__title post__title">
 	<h4 class="widget__title">Recent Posts</h4>
 	<div class="widget__content">
 		<ul class="widget__list">
+			<li class="widget__item"><a class="widget__link" href="/posts/windows_downdate/">[学习笔记]Windows Downdate 漏洞挖掘和利用学习</a></li>
 			<li class="widget__item"><a class="widget__link" href="/posts/cve_2023_24949/">[CVE-2023-24949] Windows 内核提权漏洞分析</a></li>
 			<li class="widget__item"><a class="widget__link" href="/posts/cve_2023_21554/">[CVE-2023-21554] Windows Message Queuing 远程代码执行漏洞分析</a></li>
 			<li class="widget__item"><a class="widget__link" href="/posts/cve_2023_21768/">CVE-2023-21768 AFD for WinSock 提权漏洞利用思路探索</a></li>
 			<li class="widget__item"><a class="widget__link" href="/posts/win32k_1732_21881/">Win32k 类型混淆漏洞分析指南</a></li>
-			<li class="widget__item"><a class="widget__link" href="/posts/cve_2023_21752_1/">[CVE-2023-21752] Windows Backup Service 本地提权漏洞分析</a></li>
 		</ul>
 	</div>
 </div>
@@ -193,7 +193,7 @@ <h4 class="widget__title">Categories</h4>
 				</li>
 			<li class="widget__item">
 				<a class="widget__link" href="/categories/%E6%BC%8F%E6%B4%9E%E5%88%86%E6%9E%90/">漏洞分析</a>&nbsp;
-				<span class="widget__counter widget__counter--bubble">5</span>
+				<span class="widget__counter widget__counter--bubble">6</span>
 				</li>
 		</ul>
 	</div>
@@ -203,8 +203,9 @@ <h4 class="widget__title">Tags</h4>
 	<div class="widget__content">
 		<a class="widget-taglist__link widget__link btn" href="/tags/binary/" title="binary">binary (7)</a>
 		<a class="widget-taglist__link widget__link btn" href="/tags/cve/" title="cve">cve (5)</a>
-		<a class="widget-taglist__link widget__link btn" href="/tags/exploit/" title="exploit">exploit (3)</a>
+		<a class="widget-taglist__link widget__link btn" href="/tags/exploit/" title="exploit">exploit (4)</a>
 		<a class="widget-taglist__link widget__link btn" href="/tags/hevd/" title="HEVD">HEVD (2)</a>
+		<a class="widget-taglist__link widget__link btn" href="/tags/notes/" title="notes">notes (1)</a>
 		<a class="widget-taglist__link widget__link btn" href="/tags/os/" title="os">os (2)</a>
 		<a class="widget-taglist__link widget__link btn" href="/tags/poc/" title="poc">poc (2)</a>
 	</div>
@@ -234,7 +235,7 @@ <h4 class="widget-social__title widget__title">Social</h4>
 	<div class="container footer__container flex">
 
 		<div class="footer__copyright">
-			&copy; 2023 Logic Security 逻辑门.
+			&copy; 2024 Logic Security 逻辑门.
 			<span class="footer__copyright-credits">Generated with <a href="https://gohugo.io/" rel="nofollow noopener" target="_blank">Hugo</a> and <a href="https://github.com/Vimux/Mainroad/" rel="nofollow noopener" target="_blank">Mainroad</a> theme.</span>
 		</div>
 	</div>

categories/index.xml

@@ -6,11 +6,11 @@
     <description>Recent content in Categories on Logic Security 逻辑门</description>
     <generator>Hugo -- gohugo.io</generator>
     <language>zh</language>
-    <lastBuildDate>Mon, 12 Jun 2023 16:57:51 +0800</lastBuildDate><atom:link href="https://www.zoemurmure.top/categories/index.xml" rel="self" type="application/rss+xml" />
+    <lastBuildDate>Tue, 27 Aug 2024 15:55:41 +0800</lastBuildDate><atom:link href="https://www.zoemurmure.top/categories/index.xml" rel="self" type="application/rss+xml" />
     <item>
       <title>漏洞分析</title>
       <link>https://www.zoemurmure.top/categories/%E6%BC%8F%E6%B4%9E%E5%88%86%E6%9E%90/</link>
-      <pubDate>Mon, 12 Jun 2023 16:57:51 +0800</pubDate>
+      <pubDate>Tue, 27 Aug 2024 15:55:41 +0800</pubDate>
 
       <guid>https://www.zoemurmure.top/categories/%E6%BC%8F%E6%B4%9E%E5%88%86%E6%9E%90/</guid>
       <description></description>

categories/基础知识/index.html

@@ -158,11 +158,11 @@ <h2 class="list__title post__title">
 	<h4 class="widget__title">Recent Posts</h4>
 	<div class="widget__content">
 		<ul class="widget__list">
+			<li class="widget__item"><a class="widget__link" href="/posts/windows_downdate/">[学习笔记]Windows Downdate 漏洞挖掘和利用学习</a></li>
 			<li class="widget__item"><a class="widget__link" href="/posts/cve_2023_24949/">[CVE-2023-24949] Windows 内核提权漏洞分析</a></li>
 			<li class="widget__item"><a class="widget__link" href="/posts/cve_2023_21554/">[CVE-2023-21554] Windows Message Queuing 远程代码执行漏洞分析</a></li>
 			<li class="widget__item"><a class="widget__link" href="/posts/cve_2023_21768/">CVE-2023-21768 AFD for WinSock 提权漏洞利用思路探索</a></li>
 			<li class="widget__item"><a class="widget__link" href="/posts/win32k_1732_21881/">Win32k 类型混淆漏洞分析指南</a></li>
-			<li class="widget__item"><a class="widget__link" href="/posts/cve_2023_21752_1/">[CVE-2023-21752] Windows Backup Service 本地提权漏洞分析</a></li>
 		</ul>
 	</div>
 </div>
@@ -180,7 +180,7 @@ <h4 class="widget__title">Categories</h4>
 				</li>
 			<li class="widget__item">
 				<a class="widget__link" href="/categories/%E6%BC%8F%E6%B4%9E%E5%88%86%E6%9E%90/">漏洞分析</a>&nbsp;
-				<span class="widget__counter widget__counter--bubble">5</span>
+				<span class="widget__counter widget__counter--bubble">6</span>
 				</li>
 		</ul>
 	</div>
@@ -190,8 +190,9 @@ <h4 class="widget__title">Tags</h4>
 	<div class="widget__content">
 		<a class="widget-taglist__link widget__link btn" href="/tags/binary/" title="binary">binary (7)</a>
 		<a class="widget-taglist__link widget__link btn" href="/tags/cve/" title="cve">cve (5)</a>
-		<a class="widget-taglist__link widget__link btn" href="/tags/exploit/" title="exploit">exploit (3)</a>
+		<a class="widget-taglist__link widget__link btn" href="/tags/exploit/" title="exploit">exploit (4)</a>
 		<a class="widget-taglist__link widget__link btn" href="/tags/hevd/" title="HEVD">HEVD (2)</a>
+		<a class="widget-taglist__link widget__link btn" href="/tags/notes/" title="notes">notes (1)</a>
 		<a class="widget-taglist__link widget__link btn" href="/tags/os/" title="os">os (2)</a>
 		<a class="widget-taglist__link widget__link btn" href="/tags/poc/" title="poc">poc (2)</a>
 	</div>
@@ -221,7 +222,7 @@ <h4 class="widget-social__title widget__title">Social</h4>
 	<div class="container footer__container flex">
 
 		<div class="footer__copyright">
-			&copy; 2023 Logic Security 逻辑门.
+			&copy; 2024 Logic Security 逻辑门.
 			<span class="footer__copyright-credits">Generated with <a href="https://gohugo.io/" rel="nofollow noopener" target="_blank">Hugo</a> and <a href="https://github.com/Vimux/Mainroad/" rel="nofollow noopener" target="_blank">Mainroad</a> theme.</span>
 		</div>
 	</div>

categories/漏洞分析/index.html

@@ -85,6 +85,34 @@
 		<h1 class="main__title">漏洞分析</h1>
 	</header><article class="list__item post">
 
+	<header class="list__header">
+		<h2 class="list__title post__title">
+			<a href="/posts/windows_downdate/" rel="bookmark">
+			[学习笔记]Windows Downdate 漏洞挖掘和利用学习
+			</a>
+		</h2>
+		<div class="list__meta meta"><div class="meta__item-author meta__item">
+	<svg class="meta__icon icon icon-author" width="16" height="16" viewBox="0 0 12 16"><path d="M6 1c2.2 0 3.5 2 3.5 4.5C9.5 7 8.9 8.2 8 9c2.9.8 4 2.5 4 5v1H0v-1c0-2.5 1.1-4.2 4-5-.9-.8-1.5-2-1.5-3.5C2.5 3 3.8 1 6 1z"/></svg><span class="meta__text">zoemurmure</span>
+</div>
+<div class="meta__item-datetime meta__item">
+	<svg class="meta__icon icon icon-time" width="16" height="14" viewBox="0 0 30 28"><path d="M15 0C7 0 1 6 1 14s6 14 14 14 14-6 14-14S23 0 15 0zm0 25C9 25 4 20 4 14S9 3 15 3s11 5 11 11-5 11-11 11zm1-18h-2v8.4l6.8 4.4L22 18l-6-3.8V7z"/></svg><time class="meta__text" datetime="2024-08-27T15:55:41&#43;08:00">2024-08-27</time></div>
+
+
+    <span id="busuanzi_container_page_pv">|<span id="busuanzi_value_page_pv"></span><span>
+    <span class="post-date">共2984字</span>，阅读约<span class="more-meta"> 6 分钟</span>
+
+<div class="meta__item-categories meta__item"><svg class="meta__icon icon icon-category" width="16" height="16" viewBox="0 0 16 16"><path d="m7 2l1 2h8v11h-16v-13z"/></svg><span class="meta__text"><a class="meta__link" href="/categories/%E6%BC%8F%E6%B4%9E%E5%88%86%E6%9E%90/" rel="category">漏洞分析</a>
+	</span>
+</div></div>
+	</header>
+	<div class="content list__excerpt post__content clearfix">
+		简述 在这篇文章中，作者通过检查 Windows Update 的结构及流程，发现了其中存在的漏洞。在 Administrator 的权限下，攻击者可以通过修改注册表键值，任意控制系统文件，对其进行
+	</div>
+	<div class="list__footer clearfix">
+		<a class="list__footer-readmore btn" href="/posts/windows_downdate/">Read more…</a>
+	</div>
+</article><article class="list__item post">
+
 	<header class="list__header">
 		<h2 class="list__title post__title">
 			<a href="/posts/cve_2023_24949/" rel="bookmark">
@@ -242,11 +270,11 @@ <h2 class="list__title post__title">
 	<h4 class="widget__title">Recent Posts</h4>
 	<div class="widget__content">
 		<ul class="widget__list">
+			<li class="widget__item"><a class="widget__link" href="/posts/windows_downdate/">[学习笔记]Windows Downdate 漏洞挖掘和利用学习</a></li>
 			<li class="widget__item"><a class="widget__link" href="/posts/cve_2023_24949/">[CVE-2023-24949] Windows 内核提权漏洞分析</a></li>
 			<li class="widget__item"><a class="widget__link" href="/posts/cve_2023_21554/">[CVE-2023-21554] Windows Message Queuing 远程代码执行漏洞分析</a></li>
 			<li class="widget__item"><a class="widget__link" href="/posts/cve_2023_21768/">CVE-2023-21768 AFD for WinSock 提权漏洞利用思路探索</a></li>
 			<li class="widget__item"><a class="widget__link" href="/posts/win32k_1732_21881/">Win32k 类型混淆漏洞分析指南</a></li>
-			<li class="widget__item"><a class="widget__link" href="/posts/cve_2023_21752_1/">[CVE-2023-21752] Windows Backup Service 本地提权漏洞分析</a></li>
 		</ul>
 	</div>
 </div>
@@ -264,7 +292,7 @@ <h4 class="widget__title">Categories</h4>
 				</li>
 			<li class="widget__item">
 				<a class="widget__link" href="/categories/%E6%BC%8F%E6%B4%9E%E5%88%86%E6%9E%90/">漏洞分析</a>&nbsp;
-				<span class="widget__counter widget__counter--bubble">5</span>
+				<span class="widget__counter widget__counter--bubble">6</span>
 				</li>
 		</ul>
 	</div>
@@ -274,8 +302,9 @@ <h4 class="widget__title">Tags</h4>
 	<div class="widget__content">
 		<a class="widget-taglist__link widget__link btn" href="/tags/binary/" title="binary">binary (7)</a>
 		<a class="widget-taglist__link widget__link btn" href="/tags/cve/" title="cve">cve (5)</a>
-		<a class="widget-taglist__link widget__link btn" href="/tags/exploit/" title="exploit">exploit (3)</a>
+		<a class="widget-taglist__link widget__link btn" href="/tags/exploit/" title="exploit">exploit (4)</a>
 		<a class="widget-taglist__link widget__link btn" href="/tags/hevd/" title="HEVD">HEVD (2)</a>
+		<a class="widget-taglist__link widget__link btn" href="/tags/notes/" title="notes">notes (1)</a>
 		<a class="widget-taglist__link widget__link btn" href="/tags/os/" title="os">os (2)</a>
 		<a class="widget-taglist__link widget__link btn" href="/tags/poc/" title="poc">poc (2)</a>
 	</div>
@@ -305,7 +334,7 @@ <h4 class="widget-social__title widget__title">Social</h4>
 	<div class="container footer__container flex">
 
 		<div class="footer__copyright">
-			&copy; 2023 Logic Security 逻辑门.
+			&copy; 2024 Logic Security 逻辑门.
 			<span class="footer__copyright-credits">Generated with <a href="https://gohugo.io/" rel="nofollow noopener" target="_blank">Hugo</a> and <a href="https://github.com/Vimux/Mainroad/" rel="nofollow noopener" target="_blank">Mainroad</a> theme.</span>
 		</div>
 	</div>

categories/漏洞分析/index.xml

@@ -6,7 +6,16 @@
     <description>Recent content in 漏洞分析 on Logic Security 逻辑门</description>
     <generator>Hugo -- gohugo.io</generator>
     <language>zh</language>
-    <lastBuildDate>Mon, 12 Jun 2023 16:57:51 +0800</lastBuildDate><atom:link href="https://www.zoemurmure.top/categories/%E6%BC%8F%E6%B4%9E%E5%88%86%E6%9E%90/index.xml" rel="self" type="application/rss+xml" />
+    <lastBuildDate>Tue, 27 Aug 2024 15:55:41 +0800</lastBuildDate><atom:link href="https://www.zoemurmure.top/categories/%E6%BC%8F%E6%B4%9E%E5%88%86%E6%9E%90/index.xml" rel="self" type="application/rss+xml" />
+    <item>
+      <title>[学习笔记]Windows Downdate 漏洞挖掘和利用学习</title>
+      <link>https://www.zoemurmure.top/posts/windows_downdate/</link>
+      <pubDate>Tue, 27 Aug 2024 15:55:41 +0800</pubDate>
+
+      <guid>https://www.zoemurmure.top/posts/windows_downdate/</guid>
+      <description>简述 在这篇文章中，作者通过检查 Windows Update 的结构及流程，发现了其中存在的漏洞。在 Administrator 的权限下，攻击者可以通过修改注册表键值，任意控制系统文件，对其进行</description>
+    </item>
+
     <item>
       <title>[CVE-2023-24949] Windows 内核提权漏洞分析</title>
       <link>https://www.zoemurmure.top/posts/cve_2023_24949/</link>