Microsoft Vista (NtRaiseHardError) Privilege Escalation Exploit
Vista権限が上昇可能な脆弱性のExploitみたいです。NtRaiseHardErrorの脆弱性みたいですね。
//raise.c //26-12-2006 ]erasmus[/ORC //exploit NtRaiseHardError privesc and load dll into csrss //this version only is vista, other version can be worked //with proper offsets, i will complete them soon //imperfect but sometime work, ok for proto type;) //dll limit to 8 chars but maybe can work around by //\xxx\..\dll type trick and use LoadLibraryW, now is //C:\TEST but another drive maybe work