CVE-2019-0841

This Metasploit module exploits CVE-2019-0841, a privilege escalation vulnerability in Windows 10 builds prior to 17763. It leverages improper handling of hard links by the AppXSvc service to gain SYSTEM privileges via DLL injection through the Diagnostics Hub Standard Collector Service (DiagHub).

The text describes a local privilege escalation (LPE) bypass for CVE-2019-0841, leveraging a race condition in Microsoft Edge's DACL handling when launched via specific methods. It outlines steps to trigger the vulnerability but lacks functional exploit code.

This exploit leverages a DACL permissions overwrite vulnerability in Microsoft Edge to achieve local privilege escalation by creating a directory and hardlink to manipulate file permissions. The PoC requires the attacker to adjust the Edge version in the path to match the target system.

The provided text describes a privilege escalation exploit for CVE-2019-0841 but lacks actual exploit code, instead pointing to an external download link. This is indicative of a social engineering lure rather than a legitimate PoC.

This repository contains a functional local privilege escalation (LPE) exploit for CVE-2019-0841, which abuses a DACL overwrite vulnerability in Microsoft Windows 10. The exploit creates a hardlink to a Microsoft Edge settings file, manipulates file permissions, and escalates privileges by leveraging SYSTEM-level access to the file.

This repository contains a functional exploit for CVE-2019-0841, a local privilege escalation vulnerability in Microsoft Edge. The exploit leverages hardlink creation and file permission manipulation to achieve LPE by targeting Edge's configuration files.

This repository contains a functional exploit for CVE-2019-0841, a local privilege escalation vulnerability in Microsoft Windows. The exploit leverages hardlink creation and DACL manipulation to escalate privileges by targeting the Microsoft Edge settings file.

This Metasploit module exploits CVE-2019-0841, a privilege escalation vulnerability in Windows 10 (pre-build 17763) due to improper handling of hard links by AppXSvc. It creates a hard link to a SYSTEM-owned file, replaces it with a malicious DLL, and leverages the DiagHub service to execute it as SYSTEM.