sempervictus
diff --git a/‎data/exploits/cve-2017-8464/template_x64_windows.dll
0 Bytes b/‎data/exploits/cve-2017-8464/template_x64_windows.dll
0 Bytes
diff --git a/‎data/exploits/cve-2017-8464/template_x86_windows.dll
0 Bytes b/‎data/exploits/cve-2017-8464/template_x86_windows.dll
0 Bytes
diff --git a/‎external/source/exploits/cve-2017-8464/template.c
Lines changed: 19 additions & 32 deletions b/‎external/source/exploits/cve-2017-8464/template.c
Lines changed: 19 additions & 32 deletions
@@ -48,44 +48,31 @@ BOOL GetProcessSid(HANDLE hProc, PSID *pSid) {
 	SIZE_T szSid = 0;
 
 	*pSid = NULL;
-	do {
-		if (!OpenProcessToken(hProc, (TOKEN_READ), &hToken)) {
-			return FALSE;
-		}
-
-		GetTokenInformation(hToken, TokenUser, NULL, 0, &dwLength);
-		tuUser = (TOKEN_USER *)malloc(dwLength);
-		if (tuUser == NULL) {
-			break;
-		}
-
-		if (!GetTokenInformation(hToken, TokenUser, tuUser, dwLength, &dwLength)) {
-			break;
-		}
-
-		szSid = GetLengthSid(tuUser->User.Sid);
-		*pSid = LocalAlloc(LPTR, szSid);
-		if (*pSid == NULL) {
-			break;
-		}
+	if (!OpenProcessToken(hProc, (TOKEN_READ), &hToken)) {
+		return FALSE;
+	}
 
-		if (!CopySid((DWORD)szSid, *pSid, tuUser->User.Sid)) {
-			LocalFree(*pSid);
-			*pSid = NULL;
-		}
-	} while (FALSE);
+	GetTokenInformation(hToken, TokenUser, NULL, 0, &dwLength);
+	tuUser = (TOKEN_USER *)malloc(dwLength);
+	if (!tuUser) {
+		return FALSE;
+	}
 
-	if (tuUser != NULL) {
+	if (!GetTokenInformation(hToken, TokenUser, tuUser, dwLength, &dwLength)) {
 		free(tuUser);
-	}
-	if (hToken) {
-		CloseHandle(hToken);
+		return FALSE;
 	}
 
-	if (*pSid != NULL) {
-		return TRUE;
+	szSid = GetLengthSid(tuUser->User.Sid);
+	*pSid = LocalAlloc(LPTR, szSid);
+	if ((*pSid) && (!CopySid((DWORD)szSid, *pSid, tuUser->User.Sid))) {
+		LocalFree(*pSid);
+		*pSid = NULL;
 	}
-	return FALSE;
+
+	free(tuUser);
+	CloseHandle(hToken);
+	return *pSid != NULL;
 }
 
 BOOL IsProcessRunningAsSidString(HANDLE hProc, LPCTSTR sStringSid, PBOOL pbResult) {