Microsoft Windows 10 (19H1 1901 x64) - 'ws2ifsl.sys' Use After Free Local Privilege Escalation (kASLR kCFG SMEP)

/ The exploit works on 19H1. It was tested with ntoskrnl version 10.0.18362.295 EDB Note: Download https://gitlab.com/exploit-database/exploitdb-bin-sploits/-/raw/main/bin-sploits/47935.zip / include include include include include include include pragma commentlib, "ntdll.lib" // run cmd.exe...

Microsoft Windows 10 (19H1 1901 x64) - ws2ifsl.sys Use After Free Local Privilege Escalation (kASLR kCFG SMEP)

Microsoft Windows 10 19H1 1901 x64 - ws2ifsl.sys Use After Free Local Privilege Escalation kASLR kCFG SMEP / The exploit works on 19H1. It was tested with ntoskrnl version 10.0.18362.295 EDB Note: Download https://github.com/offensive-security/exploitdb-bin-sploits/raw/master/bin-sploits/47935.zi...

Exploit for Improper Privilege Management in Microsoft

CVE-20190-1215 ws2ifsl.sys UAF exploit for Windows 10 19H1 x64...

Ring 0 Army Knife: r0ak

r0ak is a Windows command-line utility that enables you to easily read, write, and execute kernel-mode code with some limitations from the command prompt, without requiring anything else other than Administrator privileges. Motivation The Windows kernel is a rich environment in which hundreds of...

Analysis of the Shadow Brokers release and mitigation with Windows 10 virtualization-based security

On April 14, a group calling themselves the Shadow Brokers caught the attention of the security community by releasing a set of weaponized exploits. Shortly thereafter, one of these exploits was used to create wormable malware that we now know as WannaCrypt, which targeted a large number of...