[Exploit] [Remote] [Local] [Web Apps] [Dos/Poc] [Shellcode] [RSS]
# Title : Online Armor < 3.5.0.12 (OAmon.sys) Local Privilege Escalation Exploit
# Published : 2009-06-04
# Author : NT Internals
# Previous Title : PeaZIP <= 2.6.1 Compressed Filename Command Injection Exploit
# Next Title : Atomix Virtual Dj Pro 6.0 Stack Buffer Overflow PoC (SEH)
////////////////////////////////////////////////////////////////////////////////////
// +----------------------------------------------------------------------------+ //
// | | //
// | Tall Emu Pty Ltd - http://www.tallemu.com/ | //
// | | //
// | Affected Software: | //
// | Online Armor Personal Firewall v3.5 < 3.5.0.12 | //
// | Online Armor Personal Firewall AV+ < 3.5.0.12 | //
// | | //
// | Affected Driver: | //
// | TDI Helper Driver - OAmon.sys <= 3.1.0.0 | //
// | | //
// | Local Privilege Escalation Exploit | //
// | For Educational Purposes Only ! | //
// | | //
// +----------------------------------------------------------------------------+ //
// | | //
// | NT Internals - http://www.ntinternals.org/ | //
// | alex ntinternals org | //
// | 25 May 2009 | //
// | | //
// | References: | //
// | Online Armor (OAmon.sys) Multiple Privilege Escalation Vulnerabilities | //
// | NTIADV0806 - http://www.ntinternals.org/ntiadv0806/ntiadv0806.html | //
// | | //
// | Exploiting Common Flaws in Drivers | //
// | Ruben Santamarta - http://www.reversemode.com/ | //
// | | //
// +----------------------------------------------------------------------------+ //
////////////////////////////////////////////////////////////////////////////////////
Exploit:
http://ntinternals.org/ntiadv0806/OAmon_Exp.zip
http://exploit-db.com/sploits/2009-OAmon_Exp.zip
Advisory:
http://www.ntinternals.org/ntiadv0806/ntiadv0806.html
# www.Syue.com [2009-06-04]