authors: chompie
For demonstration purposes only. Complete exploit works on vulnerable Windows 11 22H2 systems. Adapting the exploit to all vulnerable systems is left as an exercise to the reader. Git gud, etc.
Usage:
Windows_MSKSSRV_LPE_CVE-2023-6802.exe <pid>
where <pid> is the process ID (in decimal) of the process to elevate.
Should result in the target process being elevated to SYSTEM
The I/O Ring LPE primitive code is based on the I/ORing R/W PoC by Yarden Shafir
Blog post here