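The vulnerability exists in the NtQueryInformationToken function, specifically in the handling of the AuthzBasepCopyoutInternalSecurityAttributes function. It stems from the kernel's improper management of the locking mechanism when operating on objects, a lapse that could allow a malicious entity to unexpectedly elevate privileges.
☆44 · Jul 5, 2024 · Updated last year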
Alternatives and similar repositories for CVE-2024-30088-Windows-poc
Users that are interested in CVE-2024-30088-Windows-poc are comparing it to the libraries listed below.
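- Windows CSC service elevation of privilege vulnerability. A heap-based buffer overflow occurs when a program writes more data to a buffer than it can handle, causing the excess data to spill into adjacent memory regions. This overflow can corrupt memory and may allow an attacker to execute arbitrary code or gain unauthorized access to the system. In essence, an attacker can write malicious code or input that triggers the overflow, thereby… ☆12 · Jun 16, 2024 · Updated 2 years ago
- ☆40 · Jun 23, 2024 · Updated 2 years ago
- Exploit for CVE-2024-4885 ☆17 · Jul 8, 2024 · Updated last year
- A local privilege escalation vulnerability in VMware vCenter Server (and VMware Cloud Foundation) caused by a misconfiguration of sudo, a… ☆59 · Jul 9, 2024 · Updated last year
- ☆10 · Jun 15, 2024 · Updated 2 years ago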
- Windows AppLocker Driver (appid.sys) LPE ☆78 · Jul 29, 2024 · Updated last year
- ☆290 · Jul 31, 2024 · Updated last year
- Godzilla source code-v3.03-godzilla ☆148 · Apr 6, 2022 · Updated 4 years ago
- Pyload RCE with js2py sandbox escape ☆18 · Oct 26, 2024 · Updated last year
- POC for CVE-2024-36991: This exploit will attempt to read Splunk /etc/passwd file. ☆126 · Jul 12, 2024 · Updated last year
- A plain BOF for BypassUAC ☆22 · Apr 6, 2024 · Updated 2 years ago
- ☆125 · Sep 5, 2024 · Updated last year
- Windows LPE Nday ☆34 · Apr 26, 2024 · Updated 2 years ago
- basic concept for the latest windows wifi driver CVE ☆237 · Oct 31, 2024 · Updated last year
- An encryption/decryption tool suited to demonstrations in ransomware incident-response drills ☆21 · May 31, 2023 · Updated 3 years ago
- A Dynamic MSBuild task to help with minor obfuscation of C# Binaries to evade static signatures on each compilation ☆38 · Dec 7, 2025 · Updated 6 months ago
- ☆147 · Mar 29, 2025 · Updated last year
- The vulnerability allows an attacker with network access to an Erlang/OTP SSH server to execute arbitrary code without prior authenticati… ☆16 · Aug 4, 2025 · Updated 10 months ago
- bootkit driver mapping; ring-3 process injection to load a specified module ☆14 · Oct 8, 2024 · Updated last year
- poc code for CVE-2024-38080 ☆30 · Sep 1, 2024 · Updated last year
- A collection of cpuid instruction implementations for anti-vm purposes. ☆11 · Oct 5, 2023 · Updated 2 years ago
- CVE-2024-30078 Detection and Command Execution Script ☆82 · Jun 23, 2024 · Updated 2 years ago
- A simple POC to show how to chain multiple callbacks via tail calls to artificially construct a call stack ☆108 · May 25, 2026 · Updated last month
- One-click vulnerability detection tool for a certain FE platform; supports single-URL and batch detection ☆33 · Nov 11, 2024 · Updated last year
- A product of going from getting started to giving up: basic single-node C2 functionality implemented in Python while learning ☆11 · Mar 11, 2020 · Updated 6 years ago
- Go-based vulnerability detection tool for FanRuan reports ☆14 · Sep 4, 2022 · Updated 3 years ago
- Supporting PoCs and scripts for my talk "OverLAPS: Overriding LAPS Logic" ☆24 · Oct 12, 2025 · Updated 8 months ago
- Red team tool designed for quickly identifying hijackable programs, evading antivirus software, and EDR (Endpoint Detection and Response)… ☆77 · Feb 27, 2025 · Updated last year
- Quick collection of intranet configuration files ☆28 · Jul 25, 2023 · Updated 2 years ago
- Convert native dll to shellcode, and support exported function ☆25 · Feb 10, 2021 · Updated 5 years ago
- Exfiltrate sensitive user data from apps on Android 12 and 13 using CVE-2024-0044 vulnerability remotely ☆76 · Jul 31, 2024 · Updated last year
- 🗡️ A multi-user malleable C2 framework targeting Windows. Written in C++ and Python ☆45 · Feb 6, 2026 · Updated 4 months ago
- ☆28 · Feb 6, 2024 · Updated 2 years ago
- Demo to show how to write ALPC Client & Server using native Ntdll.dll syscalls. ☆21 · Jan 25, 2022 · Updated 4 years ago
- ☆29 · Dec 29, 2022 · Updated 3 years ago
- Core C++ library for C2 architecture, message handling, and security tooling experiments. ☆25 · May 13, 2026 · Updated last month
- A small program that records the local machine's IP ☆35 · Jan 8, 2025 · Updated last year
- Refactored Beacon ☆166 · Aug 19, 2024 · Updated last year
- A firebeam plugin that exploits the CVE-2024-26229 vulnerability to perform elevation of privilege from an unprivileged user ☆41 · Aug 15, 2024 · Updated last year