Local Privilege Escalation Exploit

vendor:

Anti-Keylogger Elite

by:

Alex NTInternals

7.2

CVSS

HIGH

Privilege Escalation

269

CWE

Product Name: Anti-Keylogger Elite

Affected Version From: 3.3.2000

Affected Version To: 3.3.3.0

Patch Exists: YES

Related CWE: N/A

CPE: a:isecsoft:anti-keylogger_elite

Metasploit: N/A

Other Scripts: N/A

Tags: N/A

CVSS Metrics: N/A

Nuclei References: N/A

Nuclei Metadata: N/A

Platforms Tested: Windows

2008

Local Privilege Escalation Exploit

This exploit is related to the Anti-Keylogger Elite Driver (AKEProtect.sys) version 3.3.3.0 and below. It allows an attacker to gain elevated privileges on the system by exploiting a flaw in the driver.

Mitigation:

Update the Anti-Keylogger Elite Driver to the latest version.

Source

Exploit-DB raw data:

////////////////////////////////////////////////////////////////////////////////////
// +----------------------------------------------------------------------------+ //
// |                                                                            | //
// | ISecSoft, Inc. - http://www.remove-keyloggers.com                          | //
// |                                                                            | //
// | Affected Software:                                                         | //
// | Anti-Keylogger Elite <= 3.3.0                                              | //
// |                                                                            | //
// | Affected Driver:                                                           | //
// | Anti-Keylogger Elite Driver - AKEProtect.sys <= 3.3.3.0                    | //
// |                                                                            | //
// | Local Privilege Escalation Exploit                                         | //
// | For Educational Purposes Only !                                            | //
// |                                                                            | //
// +----------------------------------------------------------------------------+ //
// |                                                                            | //
// | NT Internals - http://www.ntinternals.org/                                 | //
// | alex ntinternals org                                                       | //
// | 07 November 2008                                                           | //
// |                                                                            | //
// | References:                                                                | //
// | Exploiting Common Flaws in Drivers                                         | //
// | Ruben Santamarta - http://reversemode.com/                                 | //
// |                                                                            | //
// +----------------------------------------------------------------------------+ //
////////////////////////////////////////////////////////////////////////////////////

Exploit:
http://www.ntinternals.org/ntiadv0802/AKEProtect_Exp.zip
backup: https://gitlab.com/exploit-database/exploitdb-bin-sploits/-/raw/main/bin-sploits/32572-1.zip (2008-AKEProtect_Exp.zip)

Advisory:
http://www.ntinternals.org/ntiadv0802/ntiadv0802.html


# milw0rm.com [2008-11-07]