CVE-2021-21551
Severity: HIGH | CISA KEV
Dell DBUtil < 2.3 - Authenticated Insufficient Access Control in IOCTL Handler
Title source: llm
Exploitation Summary
CVE-2021-21551 is actively exploited and listed in the CISA Known Exploited Vulnerabilities (KEV) catalog, added March 31, 2022.
EIP tracks 16 public exploits from researchers including Paolo Stagno, waldo-irc and tijme, as well as a Metasploit module, exploits/windows/local/cve_2021_21551_dbutil_memmove.
AI-analyzed exploit summary
This exploit leverages an arbitrary write vulnerability in the DELL dbutil_2_3.sys driver to overwrite token privileges in kernelspace, achieving local privilege escalation (LPE) on Windows 10. It uses DeviceIoControl to manipulate the _SEP_TOKEN_PRIVILEGES structure of the current process token.
Description
Dell dbutil_2_3.sys driver contains an insufficient access control vulnerability which may lead to escalation of privileges, denial of service, or information disclosure. Local authenticated user access is required.
Exploits (16)
This repository contains a functional exploit for CVE-2021-21551, a Dell BIOS driver privilege escalation vulnerability. The exploit leverages token manipulation and RPC calls to achieve local privilege escalation (LPE) on vulnerable Windows systems.
This repository contains a functional Cobalt Strike Beacon Object File (BOF) exploit for CVE-2021-21551, targeting a Dell driver vulnerability. The exploit leverages arbitrary read/write primitives to escalate privileges by overwriting the beacon process token with the system process token.
This repository contains a functional exploit for CVE-2021-21551, a Dell driver vulnerability allowing arbitrary kernel memory read/write via IOCTL calls. The PoC elevates privileges by overwriting the current process token with the system token.
This repository contains a functional exploit for CVE-2021-21551, a Dell driver privilege escalation vulnerability. The exploit leverages the vulnerable 'dbutil_2_3' driver to overwrite token privileges, granting elevated permissions to the current user.
This repository contains a functional exploit for CVE-2021-21551, a Dell driver privilege escalation vulnerability. The exploit leverages insufficient access control in the dbutil_2_3.sys driver to achieve local privilege escalation by manipulating kernel memory via bitmap operations and token stealing.
This repository contains a functional exploit for CVE-2021-21551, a Dell BIOS driver vulnerability. The exploit leverages arbitrary kernel memory read/write operations to achieve local privilege escalation by manipulating page table entries and executing code in kernel mode.
This repository contains a functional proof-of-concept exploit for CVE-2021-21551, targeting the Dell dbutil_2_3.sys driver. The code demonstrates arbitrary read/write capabilities in kernel memory by leveraging vulnerable IOCTL calls, enabling local privilege escalation.
This repository contains a functional exploit for CVE-2021-21551, a vulnerability in the Dell DBUtil_2_3 driver that allows arbitrary read/write operations via IOCTL calls. The exploit leverages these operations to escalate privileges by overwriting the token of the current process with the system token.
This repository contains PowerShell scripts to mitigate CVE-2021-21551 by detecting and removing the vulnerable 'dbutil_2_3.sys' driver installed by Dell SupportAssist or BIOS update tools. The scripts include both remote (domain-wide via WinRM) and local cleanup versions.
This repository contains a functional exploit for CVE-2021-21551, a Dell BIOS driver privilege escalation vulnerability. The exploit leverages token manipulation and RPC-based techniques to escalate privileges on vulnerable Windows systems.
This repository contains a functional exploit for CVE-2021-21551, a Dell DBUtil driver vulnerability. The exploit leverages arbitrary read/write primitives via IOCTL calls to achieve local privilege escalation (LPE) by manipulating kernel memory structures.
This repository contains a functional exploit for CVE-2021-21551, demonstrating arbitrary read/write primitives in the Dell DBUtil_2_3 driver to bypass SMEP and execute a token-stealing payload for local privilege escalation.
This repository contains a functional exploit for CVE-2021-21551, a Dell BIOS driver vulnerability, demonstrating local privilege escalation (LPE) by overwriting the current process token with the system token to spawn a SYSTEM-level command prompt.
This repository contains a functional exploit for CVE-2021-21551, which leverages a vulnerable Dell driver (DBUtilDrv2.sys) to bypass LSA protection on Windows systems. The exploit demonstrates arbitrary read/write primitives to modify process protection flags, enabling or disabling memory access restrictions on processes like lsass.exe.
This Metasploit module exploits CVE-2021-21551, a vulnerability in Dell's DBUtil_2_3.sys driver that allows unprotected IOCTL access to read/write kernel memory, enabling local privilege escalation (LPE). The exploit checks for the vulnerable driver, verifies target compatibility, and executes a reflective DLL payload to achieve elevated privileges.
References (4)
Scores
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H