CoCalc provides the best real-time collaborative environment for Jupyter Notebooks, LaTeX documents, and SageMath, scalable from individual users to large groups and classes!
CoCalc provides the best real-time collaborative environment for Jupyter Notebooks, LaTeX documents, and SageMath, scalable from individual users to large groups and classes!
Path: blob/master/documentation/modules/exploit/windows/local/ms16_016_webdav.md
Views: 1904
Introduction
This module exploits a null pointer dereference vulnerability present in the mrxdav.sys
kernel driver on Windows 7 x86. The vulnerability is described by MS16-016 and CVE-2016-0051. The module allows the user to spawn a new payload, such as meterpreter, on the target system with elevated privileges (NT AUTHORITY\SYSTEM)
Usage
You'll first need to obtain a session on the target system. Next, once the module is loaded, one simply needs to set the payload
and session
options. From here, running the module will result in the payload being executed with system level privileges.
An example session follows: