This repository contains an exploit for the BufferOverflowNonPagedPoolNx vulnerability in HackSys Extreme Vulnerable Driver (HEVD).
The exploit targets Windows 10 Version 22H2 (OS Build 19045.3930) and demonstrates a technique to achieve privilege escalation from a low-integrity process to SYSTEM.
The exploit leverages the BufferOverflowNonPagedPoolNx vulnerability to create a “ghost chunk” through Aligned Chunk Confusion in the NonPagedPoolNx region. This ghost chunk is then manipulated to achieve arbitrary read and write primitives, which are subsequently used to elevate privileges.
Key techniques:
This exploit was tested in the following environment:
For more information click here.
Introduction In cybersecurity and IT operations, logging fundamentals form the backbone of monitoring, forensics, and…
What is Networking? Networking brings together devices like computers, servers, routers, and switches so they…
Introduction In the world of Open Source Intelligence (OSINT), anonymity and operational security (OPSEC) are…
Introduction As cyber threats grow more sophisticated, organizations need more than just firewalls and antivirus…
Introduction When it comes to cybersecurity and ethical hacking, one of the most effective ways…
Introduction In the world of cybersecurity, knowledge is power. One of the most powerful skillsets…