In the evolving landscape of cybersecurity, understanding the mechanisms behind vulnerabilities is crucial for both mitigation and responsible exploitation.
This article dives into CVE-2024-30090, a significant Local Privilege Escalation (LPE) vulnerability uncovered by the renowned security researcher Angelboy and his team at DEVCORE.
Here, we provide an in-depth analysis and a step-by-step Proof of Concept (PoC) for exploiting this flaw within the Windows Kernel environment.
CVE-2024-30090 highlights a critical weakness that allows attackers to escalate their privileges from medium to high integrity, compromising system security.
By dissecting the process—from initial discovery by Angelboy to the intricate exploitation techniques—this write-up aims to shed light on the vulnerability’s intricacies and its potential implications.
This article also extends gratitude to collaborators and references pivotal resources that elaborate on kernel vulnerabilities, serving as a comprehensive guide for security professionals aiming to understand and replicate the exploit responsibly.
Get the ntoskrnl base by using NtQuerySystemInformation (medium-integrity) – Compile as x64.
This tool leverages the Process Forking technique using the RtlCreateProcessReflection API to clone the lsass.exe…
Arena-Hard-Auto-v0.1 (See Paper) is an automatic evaluation tool for instruction-tuned LLMs. It contains 500 challenging…
This is a tool for searching Exploits from some Exploit Databases. Exploits are inserted at…
A list of awesome academic researches and industrial materials about Large Language Model (LLM) and…
Thanks for HIBP and this downloader. At first I was considering using it, but the…
Comprehensive repository for presentation slides from major cybersecurity conferences held in 2023 and 2024. It…