CVE-2024-35250 PoC — Microsoft Windows Kernel Mode Drivers 安全漏洞

Source

https://github.com/yinsel/CVE-2024-35250-BOF

Associated Vulnerability

Title:Microsoft Windows Kernel Mode Drivers 安全漏洞 (CVE-2024-35250)
Description:Microsoft Windows Kernel Mode Drivers是美国微软（Microsoft）公司的Windows内核模式驱动。 Microsoft Windows Kernel Mode Drivers存在安全漏洞。攻击者利用该漏洞可以提升权限。以下产品和版本受到影响：Windows 10 Version 1809 for 32-bit Systems,Windows 10 Version 1809 for x64-based Systems,Windows 10 Version 1809

Description

CVE-2024-35250 的 Beacon Object File (BOF) 实现。

Readme

# CVE-2024-35250-BOF

CVE-2024-35250 的 Beacon Object File (BOF) 实现。

![](assets/bof.png)

## 构建

项目模板来自[bof-vs](https://github.com/Cobalt-Strike/bof-vs)。

使用 Visual Studio 2019/2022 的 Release 配置进行编译。

## 鸣谢

https://github.com/varwara/CVE-2024-35250

File Snapshot


 [4.0K]  /data/pocs/bef762ee38397daed56e7a8b4518f14640f1d7b7
├── [4.0K]  assets
│   └── [144K]  bof.png
├── [4.0K]  CVE-2024-35250-BOF
│   ├── [4.0K]  base
│   │   ├── [ 466]  helpers.h
│   │   ├── [ 25K]  mock.cpp
│   │   ├── [8.5K]  mock.h
│   │   └── [8.9K]  mock_syscalls.cpp
│   ├── [2.6K]  beacon_gate.h
│   ├── [ 14K]  beacon.h
│   ├── [3.1K]  bofdefs.h
│   ├── [3.6K]  common.h
│   ├── [ 19K]  CVE-2024-35250-BOF.cpp
│   ├── [ 13K]  CVE-2024-35250-BOF.vcxproj
│   ├── [2.2K]  CVE-2024-35250-BOF.vcxproj.filters
│   ├── [1.4K]  Makefile
│   ├── [ 187]  packages.config
│   └── [1.4K]  sleepmask.h
├── [1.8K]  CVE-2024-35250-BOF.sln
├── [ 11K]  LICENSE
└── [ 300]  README.md

3 directories, 18 files

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).

3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.

Goal Reached Thanks to every supporter — we hit 100%!