Procedure to Recreate the Exploit for CVE-2023-36802 targeting MSKSSRV.SYS driver
If You want to Understand how this Exploit is working , Go through this Blog
This CVE is actually the Bypass of Another CVE which is CVE-2023-29360 , Go through That Also its mentioned in Blog I have linked above
If You want to check if your Windows has MSKSSRV.SYS driver
- Open Command Prompt , Go to this Path : dir
C:\Windows\System32\drivers> dir
This is the list of Version of Windows where its Vulnerable to this CVE :-
- I would say you should perefer Installing 21h2 version of Windows VM
- You can find Iso-Image file in this link (Note: I dont guarantee safety of this link)
- Boot-Up the Iso-Image file in your Virtual Box / Vmware
- Install Visual Studio in that VM ( Not Visual Studio Code )
- Clone the Repository or Download the Zip
- After the Installtion is complete , Open your
CVE-2023-36802_Win10.slnin it - Build < Run