PowerStrip < = 3.84 - pstrip.sys Privilege Escalation Exploit

2008-12-21T00:00:00
ID EDB-ID:7533
Type exploitdb
Reporter NT Internals
Modified 2008-12-21T00:00:00

Description

PowerStrip < = 3.84 (pstrip.sys) Privilege Escalation Exploit. CVE-2008-5725. Local exploit for windows platform

                                        
                                            ////////////////////////////////////////////////////////////////////////////////////
// +----------------------------------------------------------------------------+ //
// |                                                                            | //
// | EnTech Taiwan - http://www.entechtaiwan.com/                               | //
// |                                                                            | //
// | Affected Software:                                                         | //
// | PowerStrip &lt;= 3.84                                                         | //
// |                                                                            | //
// | Affected Driver:                                                           | //
// | PowerStrip support NT kernel-mode driver - pstrip.sys &lt;= 5.0.1.1           | //
// |                                                                            | //
// | Local Privilege Escalation Exploit                                         | //
// | For Educational Purposes Only !                                            | //
// |                                                                            | //
// +----------------------------------------------------------------------------+ //
// |                                                                            | //
// | NT Internals - http://www.ntinternals.org/                                 | //
// | alex ntinternals org                                                       | //
// | 20 December 2008                                                           | //
// |                                                                            | //
// | References:                                                                | //
// | Exploiting Common Flaws in Drivers                                         | //
// | Ruben Santamarta - http://reversemode.com/                                 | //
// |                                                                            | //
// +----------------------------------------------------------------------------+ //
////////////////////////////////////////////////////////////////////////////////////

Exploit:
http://www.ntinternals.org/ntiadv0810/PowerStrip_Exp.zip
https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/7533.zip (2008-PowerStrip_Exp.zip)
 
Advisory:
http://www.ntinternals.org/ntiadv0810/ntiadv0810.html

# milw0rm.com [2008-12-21]