/24h2-nt-exploit

Exploit targeting NT kernel in 24H2 Windows Insider Preview


Windows 11 24H2 NT Exploit

Source code for the exploit detailed on exploits.forsale.

Should work on all Windows 11 24H2 x64 builds prior to 26058.

Components

  • teb_nt_poc.c - The exploit itself, leveraging CVE-2024-21345
  • prefetch_asm.asm, prefetch_leak.h - Side-channel to bypass kernel ASLR
  • find_nt_offsets.h, find_nt_offsets.c - Finds some non-exported globals in NT using Capstone
  • ntos.h - Misc non-public structs and functions related to NT