-
Notifications
You must be signed in to change notification settings - Fork 13.8k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Add module for cve-2018-8453 #12011
Add module for cve-2018-8453 #12011
Conversation
Removed |
modules/exploits/windows/local/cve_2018_8453_win32k_priv_esc.rb
Outdated
Show resolved
Hide resolved
modules/exploits/windows/local/cve_2018_8453_win32k_priv_esc.rb
Outdated
Show resolved
Hide resolved
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Another clean submission. Very nice. Only a couple questions but otherwise no changes required.
modules/exploits/windows/local/cve_2018_8453_win32k_priv_esc.rb
Outdated
Show resolved
Hide resolved
So Jacob and I had a little discussion about this pull request, and I requested at least these changes:
After that, as long as the exploit works, I can take over the rest and land this. |
37d6fb9
to
a55aea3
Compare
It works!
|
A little minor changes here and there and then I should be able to land it. Thanks for waiting! |
Release NotesA module for cve-2018-8453 has been added to the framework. It is a local Windows Privilege escalation module that works for x86 Windows 10 build 15063. |
Add local Windows Privilege escalation module for cve-2018-8453.
PoC code is from x86 version of https://github.com/ze0r/cve-2018-8453-exp
The author has given permission to use their code in msf as well.
Verification
List the steps needed to make sure this thing works
use exploit/windows/local/cve_2018_8453_win32k_priv_esc
set session <session>
exploit