CVE-2018-8120 icon indicating copy to clipboard operation
CVE-2018-8120 copied to clipboard

Published 20 hours ago verified publisher icon rip1s

Fail to alloc null page!

Open RaphaelVAnderson opened this issue 6 years ago • 5 comments

I ran it on win-2008 x64 but i get this message: [+] Detected kernel ntoskrnl.exe [-] Fail to alloc null page! Why did this happen? How can i do?

RaphaelVAnderson avatar May 31 '18 09:05 RaphaelVAnderson

It simply means failure in mapping the null page (zero address page).

Since the vulnerability is null pointer deference , zero page is required while exploiting this type of vulnerability.

Actually I have no idea what's happening because I exploit my win 2008 x64 (Datacenter) successfully.

rip1s avatar May 31 '18 15:05 rip1s

my win 2008 x64 also shows: [+] Detected kernel ntoskrnl.exe [-] Fail to alloc null page!

xiaoyuge16 avatar Jun 04 '18 12:06 xiaoyuge16

i think it is because of hotfix KB3033929, please confirm!

also cant be the addresses changed?

i mean by allocating memory somewhere else?

0x410c avatar Mar 09 '19 11:03 0x410c

@0x410c No, it must be allocated exactly at null page.

Well, I don't see anything affecting null page allocation from MS advisory, why u think this patch affects ?

rip1s avatar Mar 12 '19 12:03 rip1s

i dont have any official refrences to give but it seems, after this hotfix ntAllocateVirtualMemory return INVALID_PARAMATER_2 error if the allocation address is less than 0x1000.

0x410c avatar Mar 13 '19 06:03 0x410c