Skip to content

floesen/EventLogCrasher

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

3 Commits
README.md
README.md
 
 
demo.gif
demo.gif
 
 
main.c
main.c
 
 

Repository files navigation

EventLogCrasher

Proof of concept for a bug, that allows any user to crash the Windows Event Log service of any other Windows 10/Windows Server 2022 machine on the same domain. The crash occurs in wevtsvc!VerifyUnicodeString when an attacker sends a malformed UNICODE_STRING object to the ElfrRegisterEventSourceW method exposed by the RPC-based EventLog Remoting Protocol.

Demo

Image

About

No description, website, or topics provided.

Resources

Readme
Activity

Stars

188 stars

Watchers

6 watching

Forks

36 forks
Report repository

Releases

No releases published

Packages

 
 
 

Contributors

Languages