Nightmare-Eclipse/MiniPlasma
CVE-2020-17103 was apparently not patched or the patch was reversed; regardless, this is the PoC for an LPE in cldflt.sys
Product Positioning & Context
AI Executive Synthesis
Demonstrating an LPE. The implicit positioning is a functional exploit, but it exhibits version-specific failures and cleanup issues.
The MiniPlasma PoC for CVE-2020-17103 exhibits inconsistent behavior, failing on Windows 10 with a 'Failed to run stage 1' error but working on Windows 11. Furthermore, the PoC encounters a critical 'NtApiDotNet.NtException' during cleanup, specifically failing to delete registry keys under 'CloudFiles\BlockedApps'. This indicates a lack of robustness in the exploit's post-execution phase, potentially leaving system artifacts. The developer pain points are the version-specific failures and the inability to cleanly remove exploit traces, requiring manual intervention or disabling Defender. The discussion also highlights the debate around the utility of such exploits when administrative privileges are already present. The market implication is that exploit tools require broad compatibility and reliable cleanup mechanisms to be considered effective and safe for security testing, otherwise their practical application is limited.
Deep-Dive FAQs
What is Nightmare-Eclipse/MiniPlasma?
Nightmare-Eclipse/MiniPlasma is analyzed by our AI as: Demonstrating an LPE. The implicit positioning is a functional exploit, but it exhibits version-specific failures and cleanup issues. It focuses on: The MiniPlasma PoC for CVE-2020-17103 exhibits inconsistent behavior, failing on Windows 10 with a 'Failed to run stage 1' error but working on Win...
Where did Nightmare-Eclipse/MiniPlasma originate?
Data for Nightmare-Eclipse/MiniPlasma was aggregated directly from the GitHub Open Source community ecosystem, representing raw developer and early-adopter sentiment.
When was Nightmare-Eclipse/MiniPlasma publicly launched?
The initial public indexing or launch date for Nightmare-Eclipse/MiniPlasma within our tracked developer communities was recorded on May 14, 2026.
How popular is Nightmare-Eclipse/MiniPlasma?
Nightmare-Eclipse/MiniPlasma has achieved measurable traction, logging a traction score of over 696 and 172 recorded discussions or engagements.
Are there active development issues for Nightmare-Eclipse/MiniPlasma?
Yes, we are currently tracking open architectural debates and bug reports for this project on GitHub. There are currently 5 active high-priority issues logged recently.
What are some commercial alternatives to Nightmare-Eclipse/MiniPlasma?
Our semantic intelligence engine identifies potential commercial alternatives in the SaaS space, such as Databerry, which offers overlapping value propositions.
How does the creator describe Nightmare-Eclipse/MiniPlasma?
The original author or development team describes the product as follows: "CVE-2020-17103 was apparently not patched or the patch was reversed; regardless, this is the PoC for an LPE in cldflt.sys"
Active Developer Issues (GitHub)
Logged: May 20, 2026
Logged: May 20, 2026
Logged: May 20, 2026
Logged: May 18, 2026
Logged: May 17, 2026
Community Voice & Feedback
Found out about win 10 pro
how did you do it, just type it in cmd?
I think that is what they were going for?
> Please provide exploit so opensource unsigned kernel drivers work even with secureboot
@RedBull8080 yes you are right, but if there were to exist an exploit allowing you to do what OP said that would basically render secureboot useless and make making rootkits as easy as normal malware which would be uhh, bad, to say the least
> According to my experience, we have to execute the poc after disabling defender using undefend.
what's the point if you already have admin privilege?
According to my experience, we have to execute the poc after disabling defender using undefend.
just disable secure boot
> How to bypass this?
exclude the folder
Same behavior on 17763.6189 (W10 1809 Enterprise LTS)
How to bypass this?
E:\>PoC_AbortHydration_ArbitraryRegKey_EoP.exe
In force token thread thread:8884 - process:5188
Change detected.
Opening for EnumerateSubKeys, WriteDac, WriteOwner
Deleting \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\CloudFiles\BlockedApps
Opening for WriteDac
Opened for WriteDac
Opening for WriteOwner
Opened for WriteOwner
Opening for EnumerateSubKeys, Delete
Opened for enumerate.
Deleting \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\CloudFiles\BlockedApps\317837ba569a986624d1bc18ac4b76ea4668aa14d226ebfb2d1dd0da3198e3e5
Opening for WriteDac
Opened for WriteDac
Opening for WriteOwner
Opened for WriteOwner
Opening for EnumerateSubKeys, Delete
Opened for enumerate.
NtApiDotNet.NtException: (0xC0000121) - An attempt has been made to remove a file or directory that cannot be deleted.
at NtApiDotNet.NtObjectUtils.ToNtException(NtStatus status, Boolean throw_on_error)
at PoC_AbortHydration_ArbitraryRegKey_EoP.Program.ForceKeyDeleteKey(NtKey root, String name)
at PoC_A...
Discovery Source
GitHub Open Source Aggregated via automated community intelligence tracking.