CVE-2023-21768

This repository contains a functional local privilege escalation (LPE) exploit for CVE-2023-21768, targeting Windows AFD (Ancillary Function Driver) via arbitrary kernel write primitives. The exploit leverages IoRing mechanisms to elevate a target process to SYSTEM privileges.

This repository contains a working proof-of-concept exploit for CVE-2023-21768, leveraging the AFD driver vulnerability to achieve local privilege escalation (LPE) on Windows 11 22H2. The exploit uses IoRing for memory read/write primitives and disables SMEP/SMAP by overwriting CR4 to execute a manually mapped driver in usermode.

This repository contains a functional local privilege escalation (LPE) exploit for CVE-2023-21768, targeting Windows via the AFD driver and IoRing mechanism. The exploit leverages arbitrary kernel writes to elevate a target process token to SYSTEM.

This repository is a writeup for CVE-2023-21768, referencing a compiled version of an exploit for a Windows LPE vulnerability. It includes a screenshot and links to the original exploit code but does not contain the actual exploit code itself.

This repository contains a proof-of-concept exploit for CVE-2023-21768, a local privilege escalation vulnerability in Windows 11 22H2. The exploit targets a process ID to elevate its privileges to SYSTEM.

This repository contains a working exploit for CVE-2023-21768, an elevation of privilege (EoP) vulnerability in the Windows Ancillary Function Driver for WinSock (afd.sys). The exploit leverages arbitrary read/write primitives to achieve privilege escalation on Windows 11.

This is a C# port of the CVE-2023-21768 exploit, which targets a local privilege escalation vulnerability in the Windows AFD (Ancillary Function Driver) for WinSock. The exploit leverages unsafe memory operations and IoRing APIs to achieve elevation of privileges.

This repository contains a functional local privilege escalation (LPE) exploit for CVE-2023-21768, targeting Windows AFD (Ancillary Function Driver) via arbitrary kernel write primitives. The exploit leverages IoRing and AFD socket manipulation to elevate a target process to SYSTEM privileges.

This is a local privilege escalation (LPE) exploit for CVE-2023-21768, targeting a vulnerability in the Windows Ancillary Function Driver (AFD). The exploit leverages arbitrary kernel write primitives to achieve privilege escalation by manipulating IoCompletion objects and AFD socket operations.

This repository contains a proof-of-concept exploit for CVE-2023-21768, leveraging IO Rings to achieve arbitrary memory write primitives on Windows 22H2. The exploit involves socket manipulation and memory corruption techniques to demonstrate the vulnerability.

This repository contains a proof-of-concept exploit for CVE-2023-21768, leveraging an arbitrary kernel write primitive in AFD.sys via IoRing. The exploit targets Windows 11 202209 and demonstrates privilege escalation by manipulating kernel memory.

This PoC exploits CVE-2023-21768, a vulnerability in Windows AFD (Ancillary Function Driver) to achieve arbitrary kernel write via IoRing manipulation. It bypasses DSE (Driver Signature Enforcement) to load an unsigned driver, demonstrating a local privilege escalation (LPE) attack.

This is a working proof-of-concept exploit for CVE-2023-21768, leveraging IoRing and AFD socket manipulation to achieve arbitrary kernel read/write primitives, ultimately spawning a SYSTEM shell.

This Metasploit module exploits CVE-2023-21768, a privilege escalation vulnerability in the Windows Ancillary Function Driver (afd.sys) via a kernel Write-Where primitive. It targets Windows 11 22H2 (build 22621.963 or earlier) and leverages reflective DLL injection to execute a privileged payload.

This repository contains a functional exploit for CVE-2023-21768, a local privilege escalation vulnerability in the Windows AFD.sys driver. The exploit leverages an arbitrary write bug via the AFDNotifySock IOCTL to overwrite kernel memory and escalate privileges.