Anti-Keylogger Elite 3.3.0 (AKEProtect.sys) Privilege Escalation Exploit

2008.11.14
Credit: ISecSoft,
Risk: High
Local: Yes
Remote: No
CWE: CWE-119


CVSS Base Score: 7.2/10
Impact Subscore: 10/10
Exploitability Subscore: 3.9/10
Exploit range: Local
Attack complexity: Low
Authentication: No required
Confidentiality impact: Complete
Integrity impact: Complete
Availability impact: Complete

//////////////////////////////////////////////////////////////////////////////////// // +----------------------------------------------------------------------------+ // // | | // // | ISecSoft, Inc. - http://www.remove-keyloggers.com | // // | | // // | Affected Software: | // // | Anti-Keylogger Elite <= 3.3.0 | // // | | // // | Affected Driver: | // // | Anti-Keylogger Elite Driver - AKEProtect.sys <= 3.3.3.0 | // // | | // // | Local Privilege Escalation Exploit | // // | For Educational Purposes Only ! | // // | | // // +----------------------------------------------------------------------------+ // // | | // // | NT Internals - http://www.ntinternals.org/ | // // | alex ntinternals org | // // | 07 November 2008 | // // | | // // | References: | // // | Exploiting Common Flaws in Drivers | // // | Ruben Santamarta - http://reversemode.com/ | // // | | // // +----------------------------------------------------------------------------+ // //////////////////////////////////////////////////////////////////////////////////// Exploit: http://www.ntinternals.org/ntiadv0802/AKEProtect_Exp.zip Advisory: http://www.ntinternals.org/ntiadv0802/ntiadv0802.html

References:

http://www.securityfocus.com/bid/32202
http://www.ntinternals.org/ntiadv0802/ntiadv0802.html
http://www.milw0rm.com/exploits/7054
http://secunia.com/advisories/32634


Vote for this issue:
50%
50%


 

Thanks for you vote!


 

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.


(*) - required fields.  
{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1
{{ x.comment }}

Copyright 2022, cxsecurity.com

 

Back to Top