Microsoft Windows Kernel Intel x64 SYSRET PoC

EDB-ID: 20861 CVE: 2012-0217 OSVDB-ID: 82850
Verified: Author: Shahriyar Jalayeri Published: 2012-08-27
Download Exploit: Source Raw Download Vulnerable App: N/A
Source: http://packetstormsecurity.org/files/115908/sysret.rar

This is proof of concept code that demonstrates the Microsoft Windows kernel (Intel/x64) SYSRET vulnerability as described in MS12-042. The shellcode disables code signing and will grant NT SYSTEM privileges to a specified application or already running process.

Exploit-DB mirror: https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/20861.rar