header-logo
Suggest Exploit
vendor:
PowerStrip
by:
Alex NTinternals
7.2
CVSS
HIGH
Privilege Escalation
264
CWE
Product Name: PowerStrip
Affected Version From: PowerStrip 3.84
Affected Version To: PowerStrip 5.0.1.1
Patch Exists: YES
Related CWE: N/A
CPE: o:entechtaiwan:powerstrip
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: Windows
2008

PowerStrip Local Privilege Escalation Exploit

This exploit is related to the PowerStrip NT kernel-mode driver - pstrip.sys <= 5.0.1.1. It allows a local user to gain elevated privileges on the system. The exploit is based on the common flaws in drivers and was discovered by Ruben Santamarta.

Mitigation:

Update the PowerStrip driver to the latest version.
Source

Exploit-DB raw data:

////////////////////////////////////////////////////////////////////////////////////
// +----------------------------------------------------------------------------+ //
// |                                                                            | //
// | EnTech Taiwan - http://www.entechtaiwan.com/                               | //
// |                                                                            | //
// | Affected Software:                                                         | //
// | PowerStrip <= 3.84                                                         | //
// |                                                                            | //
// | Affected Driver:                                                           | //
// | PowerStrip support NT kernel-mode driver - pstrip.sys <= 5.0.1.1           | //
// |                                                                            | //
// | Local Privilege Escalation Exploit                                         | //
// | For Educational Purposes Only !                                            | //
// |                                                                            | //
// +----------------------------------------------------------------------------+ //
// |                                                                            | //
// | NT Internals - http://www.ntinternals.org/                                 | //
// | alex ntinternals org                                                       | //
// | 20 December 2008                                                           | //
// |                                                                            | //
// | References:                                                                | //
// | Exploiting Common Flaws in Drivers                                         | //
// | Ruben Santamarta - http://reversemode.com/                                 | //
// |                                                                            | //
// +----------------------------------------------------------------------------+ //
////////////////////////////////////////////////////////////////////////////////////

Exploit:
http://www.ntinternals.org/ntiadv0810/PowerStrip_Exp.zip
https://gitlab.com/exploit-database/exploitdb-bin-sploits/-/raw/main/bin-sploits/7533.zip (2008-PowerStrip_Exp.zip)
 
Advisory:
http://www.ntinternals.org/ntiadv0810/ntiadv0810.html

# milw0rm.com [2008-12-21]

Navigation

Suggest Exploit

Services By CQR