zwclose/CVE-2021-26258

This repo contains tools and supplementary files for the CVE-2021-26258 PoC. See the blogpost for details of the vuln.

List of files:

  • rn.stg.original: original .stg file that comes with Intel Killer
  • rn.xml.original: .xml file extracted from rn.stg.original by using rnstg-tool
  • rn_custom.xml: custom .xml file that disables network access for Discord.exe and starts RemoteRegistry service
  • rn_custom.stg: custom .stg file derived from rn_custom.xml by using rnstg-tool
  • WebSrv.py: tiny web server written in Python3 for simulating a person-in-the-middle attack. The server replies to every HTTP request with the rn_custom.stg file located in the same directory as the server
  • rnstg-tool: source files of the tool for packing and unpacking Killer storage files. The tool has two commands. The "unpack" command extracts the rn.xml stream from the input file passed as the first argument, decrypts it and stores the decrypted XML in the output file given as the second argument. Similarly, the "pack" command takes an XML file as input, encrypts it and stores the encrypted content in the .stg file passed as the second argument. The storage file can then be fed to Killer via its update mechanism. The tool is pretty simplistic: it doesn't verify input and output files, so do not confuse the commands and their arguments!

To run the demo, add the following line to the hosts file: "127.0.0.1 www.killernetworking.com". Put rn_custom.stg in the same directory as WebSrv.py and run the script. Next, go to the Killer UI, navigate to the Settings tab and click the "Download Latest App Priorities" button. For details of the environment setup and a video of the attack, refer to the Demo section of the blogpost. Feel free to ask questions on Twitter.
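The demo works by overriding name resolution for www.killernetworking.com in the hosts file, so any entry for that name on a workstation deserves a look. The following is an added example, not part of this repo: a small audit that parses hosts-file text and reports every active entry that remaps the update hostname. The function names, the `WATCHED_HOSTS` set and the sample text are constructed for illustration.

```python
import ipaddress
import os
from pathlib import Path

# Hostname the README's demo redirects; add other update hosts as needed.
WATCHED_HOSTS = {"www.killernetworking.com"}

# Constructed sample hosts file (not taken from a real machine).
SAMPLE = """\
# constructed sample hosts file
127.0.0.1 localhost
127.0.0.1   WWW.KillerNetworking.com   # left over from a test
# 10.0.0.5 www.killernetworking.com
::1 localhost
192.168.1.50 intranet.example www.killernetworking.com.
"""

def parse_hosts(text):
    """Yield (line_no, ip, [hostnames]) for each active hosts entry."""
    for line_no, raw in enumerate(text.splitlines(), start=1):
        entry = raw.split("#", 1)[0].strip()      # drop comments
        fields = entry.split()
        if len(fields) < 2:
            continue
        try:
            ip = ipaddress.ip_address(fields[0].split("%")[0])  # strip IPv6 zone
        except ValueError:
            continue                               # malformed address column
        # Hostnames are case-insensitive; a trailing dot is the same name.
        yield line_no, ip, [h.lower().rstrip(".") for h in fields[1:]]

def find_overrides(text, watched=WATCHED_HOSTS):
    """Return (line_no, hostname, ip, scope) for entries remapping a watched host."""
    watched = {h.lower() for h in watched}
    findings = []
    for line_no, ip, names in parse_hosts(text):
        scope = "loopback" if ip.is_loopback else "private" if ip.is_private else "public"
        findings += [(line_no, n, str(ip), scope) for n in names if n in watched]
    return findings

if __name__ == "__main__":
    root = os.environ.get("SystemRoot")            # set on Windows
    path = Path(root, "System32", "drivers", "etc", "hosts") if root else Path("/etc/hosts")
    for line_no, host, ip, scope in find_overrides(path.read_text(errors="replace")):
        print(f"{path}:{line_no}: {host} -> {ip} ({scope})")
```

A clean machine produces no output; a finding means the update hostname is being resolved locally instead of through DNS.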
