CVE-2024-35250 PoC — Microsoft Windows Kernel Mode Drivers 安全漏洞

Source

https://github.com/ro0tmylove/CVE-2024-35250-BOF

Associated Vulnerability

Title:Microsoft Windows Kernel Mode Drivers 安全漏洞 (CVE-2024-35250)
Description:Microsoft Windows Kernel Mode Drivers是美国微软（Microsoft）公司的Windows内核模式驱动。 Microsoft Windows Kernel Mode Drivers存在安全漏洞。攻击者利用该漏洞可以提升权限。以下产品和版本受到影响：Windows 10 Version 1809 for 32-bit Systems,Windows 10 Version 1809 for x64-based Systems,Windows 10 Version 1809

Description

Cobalt Strike 的 CVE-2024-35250 的 BOF。(请给我加个星，谢谢。)

Readme

# CVE-2024-35250-BOF
CVE-2024-35250 的 Beacon Object File (BOF) 实现，用于 Cobalt Strike。

使用 Visual Studio 编译。

![Cobalt Strike](assets/bof.PNG)

## 致谢
所有漏洞代码的功劳归原作者 [varwara](https://github.com/varwara/CVE-2024-35250)。

## 免责声明
我对您使用这段糟糕代码可能犯下的任何反人类罪行或引发的核战争不承担任何责任。

File Snapshot


 [4.0K]  /data/pocs/90a5208e54776b49f58422b004315a813d3be593
├── [4.0K]  assets
│   └── [ 42K]  bof.PNG
├── [4.0K]  CVE-2024-35250
│   ├── [2.5K]  beacon.h
│   ├── [ 14K]  bofdefs.h
│   ├── [3.8K]  common.h
│   ├── [1.7K]  CVE-2024-35250.sln
│   ├── [ 13K]  CVE-2024-35250.vcxproj
│   ├── [1.1K]  CVE-2024-35250.vcxproj.filters
│   ├── [ 168]  CVE-2024-35250.vcxproj.user
│   ├── [4.0K]  resources
│   │   └── [4.4K]  strip_bof.ps1
│   └── [ 20K]  Source.cpp
└── [ 415]  README.md

3 directories, 11 files

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).

3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.

Goal Reached Thanks to every supporter — we hit 100%!