This repository contains a proof-of-concept (PoC) exploit code and a detection script for the Windows USB Generic Parent Driver Remote Code Execution Vulnerability, identified as CVE-2024-1642470.
CVE-2024-1642470 is a critical vulnerability discovered in the Windows USB Generic Parent Driver. The vulnerability arises due to improper input validation within the driver's IOCTL handling mechanism. As a result, remote attackers can execute arbitrary code via crafted IOCTL requests, potentially leading to system compromise.
The exploit code included in this repository demonstrates the exploitation of the CVE-2024-1642470 vulnerability. It leverages a crafted IOCTL request to trigger a buffer overflow condition within the vulnerable driver, allowing arbitrary code execution on the affected system.
A proof-of-concept script is provided to demonstrate the presence of the vulnerable driver on a system. The script attempts to open the device corresponding to the vulnerable driver and checks for its existence.
To use the exploit code:
- Compile the exploit code if necessary.
- Run the compiled executable on a target system to trigger the vulnerability.
To use the PoC script:
- Run the script on a target system to check for the presence of the vulnerable driver.
- Review the output to determine if the vulnerable driver is found.
This repository is for educational and research purposes only. Use the exploit code and PoC script responsibly and in compliance with applicable laws and regulations. The author assumes no liability for any misuse or damage caused by the use of the provided code.
- Yasin Saffari (Symbolexe)
This project is licensed under the MIT License.