CVE-2013-3900

This PowerShell script demonstrates CVE-2013-3900 by injecting padding into the certificate section of a signed PE file (e.g., MSBuild.exe) to bypass Authenticode signature validation. It modifies the file, checks the signature status, and verifies the impact using WinVerifyTrust API calls.

This PowerShell script demonstrates CVE-2013-3900 by injecting padding into the certificate section of a signed PE file, bypassing Authenticode validation on systems without the EnableCertPaddingCheck registry setting.

This PowerShell script mitigates CVE-2013-3900 by enabling the EnableCertPaddingCheck registry key to enforce stricter Authenticode signature validation. It ensures the registry keys are set in both 64-bit and Wow6432Node paths to prevent exploitation of the WinVerifyTrust vulnerability.

This repository contains a PowerShell script to mitigate CVE-2013-3900 by enforcing the WinVerifyTrust certificate padding check via registry settings. It is designed to address a Tenable/Nessus finding and includes verification logic.

This repository documents the remediation process for CVE-2013-3900, a WinVerifyTrust signature validation flaw, using PowerShell to apply a registry-based fix. It includes detection, remediation, and verification steps but does not contain exploit code.

This PowerShell script remediates CVE-2013-3900 by enabling or disabling the Authenticode signature verification fix via registry modifications. It targets both 32-bit and 64-bit systems and requires a reboot to apply changes.

This repository provides a mitigation script for CVE-2013-3900, a vulnerability in Microsoft's WinVerifyTrust function that allows Authenticode signature bypass. The script enables stricter signature validation via registry modifications.

This PowerShell script checks for the presence and correct configuration of registry entries required to mitigate CVE-2013-3900, a WinVerifyTrust Signature Validation Vulnerability. It does not exploit the vulnerability but verifies if the system is properly patched.

This repository contains a remediation report for CVE-2013-3900, detailing steps to mitigate the WinVerifyTrust vulnerability on Windows Server 2019. It includes registry modifications and verification steps but does not contain exploit code.

This repository provides a detailed remediation guide for CVE-2013-3900, a WinVerifyTrust signature validation vulnerability, including registry-level fixes and validation steps. It does not contain exploit code but documents the mitigation process.

This PowerShell script remediates CVE-2013-3900 by enabling the EnableCertPaddingCheck registry key to prevent certificate validation bypass. It updates both 32-bit and 64-bit registry paths and restarts the system to apply changes.

This PoC enables the Windows certificate padding check via registry modifications to mitigate CVE-2013-3900, a vulnerability in WinVerifyTrust that allows improper certificate validation. The script updates registry keys to enforce stricter certificate padding checks.

This PowerShell script is a remediation guide for CVE-2013-3900, which addresses a vulnerability in Windows certificate padding checks. It creates registry keys to enable certificate padding checks and configures logging for CAPI2 events.

This repository contains a functional exploit for CVE-2013-3900, which involves manipulating PE file signatures to bypass authentication checks. The code includes tools for decrypting and injecting shellcode into a target process, demonstrating a local privilege escalation (LPE) attack.