Visual Studio Elevation of Privilege CVE-2024-20656 Exploit

vC++ by Prapattimynk

CVE-2024-20656 is a security vulnerability that affects Visual Studio and was published on January 9, 2024. It is a local privilege escalation vulnerability in the VSStandardCollectorService150 service.

With this we have all the pieces for our exploit. To summarise:

  • Create a dummy directory where the VSStandardCollectorService150 will write files.
  • Create a junction directory that points to a newly created directory.
  • Trigger the VSStandardCollectorService150 service by creating a new diagnostic session.
  • Wait for the <GUID>.scratch directory to be created and create a new object manager symbolic link Report.<GUID>.diagsession that points to C:\ProgramData.
  • Stop the diagnostic session.
  • Wait for the Report.<GUID>.diagsession file to be moved to the parent directory and switch the junction directory to point to \RPC Control where our symbolic link is waiting.
  • Sleep for 5 seconds (not really important but left it there).
  • Switch the junction directory to point to a dummy directory.
  • Start a new diagnostic session.
  • Wait for the <GUID>.scratch directory to be created and create a new object manager symbolic link Report.<GUID>.diagsession that points to C:\ProgramData\Microsoft.
  • Stop the diagnostic session.
  • Wait for the Report.<GUID>.diagsession file to be moved to the parent directory and switch the junction directory to point to \RPC Control where our symbolic link is waiting.
  • After the permissions are changed we delete the C:\ProgramData\Microsoft\VisualStudio\SetupWMI\MofCompiler.exe binary.
  • Locate and run the Setup WMI provider in repair mode.
  • Wait for our new MofCompiler.exe binary to be created by the installer and replace it with cmd.exe.
  • Enjoy SYSTEM shell 🙂
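
A detection-side view of the last steps above, as an added example that is not part of the original page or of the exploit's code: it scans endpoint events for the MofCompiler.exe swap. The record field names (`id`, `user`, `target`, `image`, `original_name`) are hypothetical normalised names, the event IDs follow Sysmon (1 process create, 11 file create, 23 file delete), and the sample records are constructed.

```python
import ntpath

# Path taken from the page's step list; everything else is an assumption.
TARGET = r"C:\ProgramData\Microsoft\VisualStudio\SetupWMI\MofCompiler.exe"
SYSTEM = "nt authority\\system"
PROC_CREATE, FILE_CREATE, FILE_DELETE = 1, 11, 23  # Sysmon event IDs


def _norm(path):
    return ntpath.normcase(ntpath.normpath(path))


def is_target(path):
    """Case- and separator-insensitive comparison against TARGET."""
    return bool(path) and _norm(path) == _norm(TARGET)


def detect(events):
    """Return (index, reason) findings for the MofCompiler.exe swap."""
    findings = []
    for i, ev in enumerate(events):
        if ev["id"] in (FILE_CREATE, FILE_DELETE) and is_target(ev.get("target")):
            # Assumption: only the installer running as SYSTEM should
            # create or remove this binary, so any other actor is suspect.
            if ev.get("user", "").lower() != SYSTEM:
                verb = "deleted" if ev["id"] == FILE_DELETE else "written"
                findings.append((i, f"target {verb} by {ev.get('user')}"))
        elif ev["id"] == PROC_CREATE and is_target(ev.get("image")):
            # Assumption: the genuine binary's version resource names itself,
            # so a different OriginalFileName means the file was replaced.
            orig = ev.get("original_name", "")
            if orig.lower() != ntpath.basename(TARGET).lower():
                findings.append((i, f"target runs as {orig or 'unknown'}"))
    return findings


# Constructed sample records (not real telemetry).
SAMPLE = [
    {"id": 23, "user": r"LAB\alice", "target": TARGET},
    {"id": 11, "user": r"NT AUTHORITY\SYSTEM", "target": TARGET},
    {"id": 11, "user": r"LAB\alice", "target": TARGET.upper()},
    {"id": 1, "user": r"NT AUTHORITY\SYSTEM", "image": TARGET,
     "original_name": "Cmd.Exe"},
    {"id": 1, "user": r"NT AUTHORITY\SYSTEM", "image": TARGET,
     "original_name": "MofCompiler.exe"},
]

if __name__ == "__main__":
    for idx, reason in detect(SAMPLE):
        print(idx, reason)
```

The SYSTEM-context installer write and the genuine binary launch pass without a finding; the unprivileged delete, the unprivileged overwrite and the launch whose version resource reports Cmd.Exe are flagged.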

