复现文章:hlingxbm
For demonstration purposes only. Complete exploit works on vulnerable Windows 11 22H2 systems. Write primitive works on all vulnerable systems.
Usage:
Windows_AFD_LPE_CVE-2023-21768.exe <pid>
where <pid> is the process ID (in decimal) of the process to elevate.
Should result in the target process being elevated to SYSTEM
The I/O Ring LPE primitive code is based on the I/ORing R/W PoC by Yarden Shafir
Blog post soon, will update repo when it's released.
