[Exploit] [Remote] [Local] [Web Apps] [Dos/Poc] [Shellcode] [RSS]
# Title : ESET Smart Security <= 3.0.672 (epfw.sys) Privilege Escalation Exploit
# Published : 2008-12-18
# Author : NT Internals
# Previous Title : MS Windows XP SP2 (win32k.sys) Privilege Escalation Exploit (MS08-025)
# Next Title : Microsoft SQL Server sp_replwritetovarbin() Heap Overflow Exploit
////////////////////////////////////////////////////////////////////////////////////
// +----------------------------------------------------------------------------+ //
// | | //
// | ESET, LLC. - http://www.eset.com/ | //
// | | //
// | Affected Software: | //
// | ESET Smart Security <= 3.0.672 | //
// | | //
// | Affected Driver: | //
// | Eset Personal Firewall driver - epfw.sys <= 3.0.672.0 | //
// | | //
// | Local Privilege Escalation Exploit | //
// | For Educational Purposes Only ! | //
// | | //
// +----------------------------------------------------------------------------+ //
// | | //
// | NT Internals - http://www.ntinternals.org/ | //
// | alex ntinternals org | //
// | 18 December 2008 | //
// | | //
// | References: | //
// | Exploiting Common Flaws in Drivers | //
// | Ruben Santamarta - http://reversemode.com/ | //
// | | //
// +----------------------------------------------------------------------------+ //
////////////////////////////////////////////////////////////////////////////////////
Exploit:
http://www.ntinternals.org/ntiadv0807/Epfw_Exp.zip
backup: http://exploit-db.com/sploits/2008-Epfw_Exp.zip
Advisory:
http://www.ntinternals.org/ntiadv0807/ntiadv0807.html
# www.Syue.com [2008-12-18]