sticky-keys-enabled-login: Sticky Keys Enabled at Login Screen

日期: 2025-08-01 | 影响软件: sticky-keys-enabled-login | POC: 已公开

漏洞描述

Verify if Sticky Keys are enabled before login, which can be exploited for unauthorized access.

PoC代码[已公开]

id: sticky-keys-enabled-login

info:
  name: Sticky Keys Enabled at Login Screen
  author: princechaddha
  severity: high
  description: Verify if Sticky Keys are enabled before login, which can be exploited for unauthorized access.
  impact: |
    An attacker may abuse Sticky Keys to gain unauthorized access by replacing system binaries.
  remediation: |
    Disable Sticky Keys before login or implement a more secure method to prevent misuse.
  tags: windows,sticky-keys,login,code,windows-audit

self-contained: true

code:
  - pre-condition: |
      IsWindows();
    engine:
      - powershell
      - powershell.exe
    args:
      - -ExecutionPolicy
      - Bypass
    pattern: "*.ps1"
    source: |
      Test-Path -Path "C:\Windows\System32\sethc.exe"

    matchers:
      - type: word
        words:
          - "True"
# digest: 4a0a0047304502202e1b5b89aef347e8db4a66d30b5b75c75456a08ed94acfea4b0b51e18019645a022100c43e9d3b78235b0868044fe630a3266f209ea4ae2d335162bcfaa6eb1678bc86:922c64590222798bb761d5b6d8e72950
来源: https://github.com/projectdiscovery/nuclei-templates/blob/main/./code/windows/audit/sticky-keys-enabled-login.yaml