CVE-2019-16098

This repository contains a functional exploit for CVE-2019-16098, which leverages arbitrary memory read/write capabilities in Micro-Star MSI Afterburner's RTCore64.sys driver to escalate privileges to SYSTEM. The exploit demonstrates token stealing by overwriting the current process token with the System process token.

This repository contains a functional exploit for CVE-2019-16098, targeting the Micro-Star MSI Afterburner driver (RTCore64.sys) to achieve local privilege escalation by dynamically calculating Ntoskrnl.exe offsets and stealing the SYSTEM token.

This repository contains a functional exploit for CVE-2019-16098, targeting the RTCore64.sys driver to achieve local privilege escalation (LPE) by manipulating process tokens. The exploit leverages vulnerable IOCTL codes to read/write kernel memory and ultimately spawn a SYSTEM-level cmd.exe process.

This PoC demonstrates CVE-2019-16098 by exploiting the RTCore64.sys driver's arbitrary memory read vulnerability via IOCTL 0x80002048. It continuously monitors a secret value in memory to detect handle closure or tampering.

This repository contains a functional exploit for CVE-2019-16098, which leverages arbitrary memory read/write capabilities in the Micro-Star MSI Afterburner driver (RTCore64.sys) to escalate privileges to SYSTEM. The exploit demonstrates token stealing by overwriting the current process token with the System process token.

The repository claims to exploit CVE-2019-16098 for kernel driver loading but provides no actual exploit code, technical details, or proof-of-concept. It appears to be a lure for malicious ransomware distribution under the guise of academic research.