CVE-2024-30090 PoC — Microsoft Streaming Service Security Vulnerability

Source
Associated Vulnerability
Title: Microsoft Streaming Service Security Vulnerability (CVE-2024-30090)
Description: Microsoft Streaming Service is a video platform from Microsoft (USA). Microsoft Streaming Service contains a security vulnerability. The following products and versions are affected: Windows 10 Version 1809 for 32-bit Systems, Windows 10 Version 1809 for x64-based Systems, Windows 10 Version 1809 for ARM64-based Systems, Windows Server 201
Description
CVE-2024-30090 - LPE PoC
Readme
# **CVE-2024-30090 - LPE PoC**
[CVE-2024-30090](https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-30090) found by [Angelboy](https://x.com/scwuaptx) with DEVCORE.

## **Parent.cpp** 
Gets the ntoskrnl base address using `NtQuerySystemInformation` (medium integrity) - **Compile as x64**.

## **Child.cpp**
The exploit for CVE-2024-30090 - **Compile as x86**.

## **Thanks**
**Big** thanks to [Angelboy](https://x.com/scwuaptx) for your help and guidance!  
[Cedric Halbronn](https://x.com/saidelike) 'OST2 - Exploitation 4011 - Windows Kernel Exploitation' - `winhelpers.h`.  
[bruno-1337](https://github.com/bruno-1337) - [SeDebugPrivilege-Exploit](https://github.com/bruno-1337/SeDebugPrivilege-Exploit).

## **Resources & References**
1. [Streaming vulnerabilities from Windows Kernel - Proxying to Kernel - Part I](https://devco.re/blog/2024/08/23/streaming-vulnerabilities-from-windows-kernel-proxying-to-kernel-part1-en/)
2. [Streaming vulnerabilities from Windows Kernel - Proxying to Kernel - Part II](https://devco.re/blog/2024/10/05/streaming-vulnerabilities-from-windows-kernel-proxying-to-kernel-part2-en/)
3. [Streaming vulnerabilities from Windows Kernel - Proxying to Kernel - CVE-2024-30090](https://www.youtube.com/watch?v=m2TNVDgz7CI)
File Snapshot

[4.0K] /data/pocs/3de51eda6045e01852e6624d219b43358169edf2
├── [4.0K] Child
│   ├── [4.1K] Child.cpp
│   ├── [ 22K] _ksproxy.h
│   ├── [7.1K] winhelpers.cpp
│   └── [ 737] winhelpers.h
├── [4.0K] Parent
│   └── [3.1K] Parent.cpp
└── [1.2K] README.md

2 directories, 6 files