CVE-2021-24084 Windows Local Privilege Escalation Left officially unpatched since 2020. Hence, its still a zero day

Overview

WindowsMDM-LPE-0Day

Works best on Windows 11

CVE-2021-24084 Windows Local Privilege Escalation Left officially unpatched since 2020. Hence, its still a zero day

Screenshots:

Youtube : https://youtu.be/lhT9m68GgL4

Affected Windows Versions

Windows 10 1803
Windows 10 1809
Windows 10 1909
Windows 10 2004
Windows 10 20h2
Windows Server 2016 1909
Windows Server 2016 2004
Windows Server 2016 20h2
Windows Server 2019
Windows 11

You might also like...
PoC (DoS) for CVE-2021-40449 - Win32k Elevation of Privilege Vulnerability (LPE)
PoC (DoS) for CVE-2021-40449 - Win32k Elevation of Privilege Vulnerability (LPE)

CallbackHell DoS PoC for CVE-2021-40449 (Win32k - LPE) CallbackHell Description Technical Writeup PoC References Description CVE-2021-40449 is a use-a

Exploit for CVE-2021-40449 - Win32k Elevation of Privilege Vulnerability (LPE)
Exploit for CVE-2021-40449 - Win32k Elevation of Privilege Vulnerability (LPE)

CallbackHell Exploit for CVE-2021-40449 (Win32k - LPE) CallbackHell Description Technical Writeup PoC References Description CVE-2021-40449 is a use-a

Bring your own print driver privilege escalation tool

Concealed Position Concealed Position is a local privilege escalation attack against Windows using the concept of "Bring Your Own Vulnerability". Spec

SystemGap - Maintenance Tools after privilege escalation
SystemGap - Maintenance Tools after privilege escalation

SystemGap 适用于解决不稳定Windows漏洞提权成功后进行权限驻守的办法 SystemGap - 监听者 SystemGap 负责监听一个任意用户可读写的匿名管道,从管道中读取命令进行执行 SystemGapClient - 发送者 SystemGapClient 负责向匿名管道中传入指令

Combining Sealighter with unpatched exploits to run the Threat-Intelligence ETW Provider
Combining Sealighter with unpatched exploits to run the Threat-Intelligence ETW Provider

Sealighter-TI Combining Sealighter with unpatched exploits and PPLDump to run the Microsoft-Windows-Threat-Intelligence ETW Provider without a signed

Demo exploit code for CVE-2020-27904, a tfp0 bug.

xattr-oob-swap CVE-2020-27904: a tfp0 bug for macOS 10.15.x and below. Demo exploit code for my talk at BlackHat ASIA 2021. The vulnerability has been

Make CVE-2020-0668 exploit work for version < win10 v1903 and version >= win10 v1903
Make CVE-2020-0668 exploit work for version win10 v1903 and version = win10 v1903

CVE-2020-0668 Made CVE-2020-0668 exploit work for version win10 v1903 and version = win10 v1903 Diaghub Exploit ( v1903) powershell exploit works

PikaScript is an ultra-lightweight Python engine with zero dependencies and zero-configuration, that can run with 4KB of RAM (such as STM32G030C8 and STM32F103C8), and is very easy to deploy and expand.
PikaScript is an ultra-lightweight Python engine with zero dependencies and zero-configuration, that can run with 4KB of RAM (such as STM32G030C8 and STM32F103C8), and is very easy to deploy and expand.

PikaScript 中文页| Star please~ 1. Abstract PikaScript is an ultra-lightweight Python engine with zero dependencies and zero-configuration, that can run

oZKS (Ordered Zero-Knowledge Set) is a library that provides an implementation of an Ordered (and Append Only) Zero-Knowledge Set.

Ordered Zero-Knowledge Set - oZKS Introduction oZKS is a library that provides an implementation of an Ordered (and Append Only) Zero Knowledge Set. A

Owner
Exploit Blizzard
-<-
Exploit Blizzard
Local Privilege Escalation Edition for CVE-2021-1675

Local Privilege Escalation Edition of CVE-2021-1675/CVE-2021-34527 Local Privilege Escalation implementation of the CVE-2021-1675/CVE-2021-34527 (a.k.

Halil Dalabasmaz 334 Jan 5, 2023
This repository contains an exploit of CVE-2021-4034, a local privilege escalation in pkexec

pwnkit (CVE-2021-4034) Privilege Escalation exploit sample This repository contains an exploit of CVE-2021-4034, a local privilege escalation in pkexe

Peter Gottesman 29 Dec 20, 2022
CVE-2021-4034: Local Privilege Escalation in polkit's pkexec proof of concept

CVE-2021-4034 Proof of Concept Qualys researches found a pretty cool local privilege escalation vulnerability in Polkit's pkexec: writeup, tweet. This

Marco Bonelli 20 Jun 22, 2022
Self-contained exploit for CVE-2021-4034 - Pkexec Local Privilege Escalation

PwnKit Self-contained exploit for CVE-2021-4034 - Pkexec Local Privilege Escalation Usage Should work out of the box on Linux distributions based on U

Oliver Lyak 702 Dec 28, 2022
PoC for PwnKit: Local Privilege Escalation Vulnerability in polkit’s pkexec (CVE-2021-4034)

CVE-2021-4034 PoC for PwnKit: Local Privilege Escalation Vulnerability in polkit’s pkexec (CVE-2021-4034) https://seclists.org/oss-sec/2022/q1/80 http

Andris Raugulis 933 Dec 22, 2022
CVE-2021-4034 Add Root User - Pkexec Local Privilege Escalation

CVE-2021-4034 CVE-2021-4034 Add Root User - Pkexec Local Privilege Escalation 根据CVE-2021-4034进行了加强,执行Exploit将会默认添加用户名rooter,密码Hello@World,并且rooter用户将具

倾旋 89 Dec 12, 2022
An exploit for CVE-2021-4034 aka Pwnkit: Local Privilege Escalation in polkit's pkexec

CVE-2021-4034 Exploit Usage $ git clone https://github.com/whokilleddb/CVE-2021-4034 $ cd CVE-2021-4034 $ make [!] CVE-2021-4034 Exploit By whokilledd

whokilleddb 3 Jun 30, 2022
Plex media server local privilige escalation poc - CVE-2021-42835

Local Privilege PlEXcalasion - CVE-2021-42835 Plex Media Server for Windows prior to version 1.25.0.5282, vulnerable to Time Of Check Time Of Use (TOC

null 6 May 24, 2022
Just another "Won't Fix" Windows Privilege Escalation from User to Domain Admin.

RemotePotato0 Just another "Won't Fix" Windows Privilege Escalation from User to Domain Admin. RemotePotato0 is an exploit that allows you to escalate

null 1.1k Dec 28, 2022
A 3-D Printed Bot which can talk, cheer, dance and manage your day-to-day schedule.

cheerup A 3-D Printed Bot which can talk, cheer, dance and manage your day-to-day schedule. In childhood many of us have watched this show "SpongeBob

Aniket Dhole 4 Sep 5, 2021