You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
This is a local privilege escalation exploit for RevoUninstall <= Version 2.6.8. It exploits a Non-paged pool overflow to achieve read and write primitives. From there, it steals the system token to elevate privileges. It requires the RevoDetector.sys driver to be loaded for the exploit to work. This driver is only loaded when the Revo Uninstaller Helper is enabled. For more information on how this exploit works and how I developed it, read my blog post: Blog Post
BYOVD Use
As of 4/5/2026 this driver has a valid signature and is not on the block list. This means this driver could be used to achieve arbitrary Read and Write in a BYOVD usecase, note the exploit is slightly unstable.
Blue Screen Risk
Due to the nature of this exploit, it is unstable and can cause the computer to crash. In my experience, the exploit has around a 90% success rate.
About
Local Privilege Escalation exploit created for a vulnerability I discovered in the RevoDetector.sys driver. Uses a Non-Paged pool overflow to achieve read and write primitives on a modern Windows 11 system.