CVE-2024-0670

This repository contains a functional C++ exploit for CVE-2024-0670, targeting CheckMK Agent on Windows for local privilege escalation (LPE). The exploit includes detailed logging, interactive shell capabilities, and reverse shell functionality.

This repository contains a functional proof-of-concept exploit for CVE-2024-0670, a local privilege escalation vulnerability in the CheckMK Windows Agent. The exploit leverages writable temp file paths executed during MSI repair to achieve SYSTEM privileges.

This repository contains a functional PowerShell exploit for CVE-2024-0670, which leverages a race condition in the CheckMK Agent's handling of temporary files in C:\Windows\Temp. The exploit pre-positions read-only .cmd files that are executed with SYSTEM privileges when the agent's MSI installer is triggered.

This repository contains a functional C++ exploit for CVE-2024-0670, targeting CheckMK Agent on Windows for local privilege escalation (LPE). The code includes detailed exploit logic, helper functions, and interactive shell capabilities, indicating a well-developed PoC.

This repository contains a functional PowerShell exploit for CVE-2024-0670, a local privilege escalation vulnerability in the CheckMK Agent. The exploit leverages predictable file execution during an MSI repair process to escalate privileges to NT AUTHORITY\SYSTEM.

The repository lacks actual exploit code and instead directs users to download an executable from an external release page. The README is vague, uses marketing language, and does not provide technical details about the vulnerability or exploitation process.

This repository contains a functional PowerShell script that exploits CVE-2024-0670 in Check MK by leveraging MSI repair to execute arbitrary commands with SYSTEM privileges. The script identifies Check MK MSI files, seeds command files, and triggers an MSI repair to achieve privilege escalation.