Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
https://github.com/chompie1337/Windows_LPE_AFD_CVE-2023-21768
LPE exploit for CVE-2023-21768
https://github.com/chompie1337/Windows_LPE_AFD_CVE-2023-21768
Last synced: about 2 months ago
JSON representation
LPE exploit for CVE-2023-21768
- Host: GitHub
- URL: https://github.com/chompie1337/Windows_LPE_AFD_CVE-2023-21768
- Owner: chompie1337
- Created: 2023-03-07T23:00:27.000Z (almost 2 years ago)
- Default Branch: master
- Last Pushed: 2023-07-10T16:35:49.000Z (over 1 year ago)
- Last Synced: 2024-08-05T17:24:41.483Z (5 months ago)
- Language: C
- Size: 11.7 KB
- Stars: 468
- Watchers: 10
- Forks: 163
- Open Issues: 3
-
Metadata Files:
- Readme: README.md
Awesome Lists containing this project
- awesome-hacking-lists - chompie1337/Windows_LPE_AFD_CVE-2023-21768 - LPE exploit for CVE-2023-21768 (C)
README
# CVE-2023-21768 Local Privilege Escalation POC
authors: [chompie](https://twitter.com/chompie1337) & [b33f](https://twitter.com/FuzzySec)
For demonstration purposes only. Complete exploit works on vulnerable Windows 11 22H2 systems.
Write primitive works on all vulnerable systems.
Usage:
```
Windows_AFD_LPE_CVE-2023-21768.exe
```
where `` is the process ID (in decimal) of the process to elevate.
Should result in the target process being elevated to SYSTEM
The I/O Ring LPE primitive code is based on the I/ORing R/W [PoC](https://github.com/yardenshafir/IoRingReadWritePrimitive) by [Yarden Shafir](https://twitter.com/yarden_shafir)
Blog post [here](https://securityintelligence.com/posts/patch-tuesday-exploit-wednesday-pwning-windows-ancillary-function-driver-winsock/)