关联漏洞
标题:Microsoft Windows Kernel 安全漏洞 (CVE-2024-26229)Description:Microsoft Windows Kernel是美国微软(Microsoft)公司的Windows操作系统的内核。 Microsoft Windows Kernel存在安全漏洞。攻击者利用该漏洞可以提升权限。以下产品和版本受到影响:Windows 10 Version 1809 for 32-bit Systems,Windows 10 Version 1809 for x64-based Systems,Windows 10 Version 1809 for ARM64-based Systems,W
Description
Nim touch up of CVE 2024 26229
介绍
# cve-2024-26229
A nim version of the (now outdated) Windows LPE vulnerability abusing CSC.
This is for educational purposes only, and refer to the patch list to determine whether or not your system/your target is vulnerable.
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-26229
# Usage
### Compilation
```
# Make sure you have the necessary nim libraries installed
# This will create a main.exe
nim c --app=console --cpu=amd64 --os=windows -d:release --gc:arc --passL:-s main.nim
```
### What Actually Gets Executed
The template uses powershell to execute a base64 encoded script block. Host your payload on a web server (or utilize the file hosting mechanism available on most C2 platforms), base64 encode the download string and simply replace the ###Your base64 delivery here### with the base64 encoded string.
# Indicators of Compromise
### Host-Based Analysis
To be updated
### Network-Based Analysis
To be updated
文件快照
[4.0K] /data/pocs/db0e351b3bec657e9057f7cd86eacf8cec675dc7
├── [180K] main.exe
├── [8.3K] main.nim
└── [ 942] README.md
0 directories, 3 files
备注
1. 建议优先通过来源进行访问。
2. 如果因为来源失效或无法访问,请发送邮件到 f.jinxu#gmail.com 索取本地快照(把 # 换成 @)。
3. 神龙已为您对 POC 代码进行快照,为了长期维护,请考虑为本地 POC 付费/捐赠,感谢您的支持。