

CVE-2019-16098

Description

The driver in Micro-Star MSI Afterburner 4.6.2.15658 (aka RTCore64.sys and RTCore32.sys) allows any authenticated user to read and write to arbitrary memory, I/O ports, and MSRs. This can be exploited for privilege escalation, code execution under high privileges, and information disclosure. These signed drivers can also be used to bypass the Microsoft driver-signing policy to deploy malicious code.

POC

Reference

- https://github.com/Barakat/CVE-2019-16098

GitHub

- https://github.com/0xDivyanshu-new/CVE-2019-16098

- https://github.com/0xT11/CVE-POC

- https://github.com/474172261/KDU

- https://github.com/ARPSyndicate/cvemon

- https://github.com/Barakat/CVE-2019-16098

- https://github.com/CVEDB/awesome-cve-repo

- https://github.com/CVEDB/top

- https://github.com/ExpLife0011/awesome-windows-kernel-security-development

- https://github.com/GhostTroops/TOP

- https://github.com/JustaT3ch/Kernel-Snooping

- https://github.com/Offensive-Panda/NT-AUTHORITY-SYSTEM-CONTEXT-RTCORE

- https://github.com/Ondrik8/exploit

- https://github.com/Rydersel/PlaguewareCSGO_3.0

- https://github.com/TamatahYT/RTCore64Exploitation

- https://github.com/developer3000S/PoC-in-GitHub

- https://github.com/gabriellandau/EDRSandblast-GodFault

- https://github.com/h4rmy/KDU

- https://github.com/hectorgie/PoC-in-GitHub

- https://github.com/hfiref0x/KDU

- https://github.com/lazypanda1729/Kernel-Snooping

- https://github.com/pravinsrc/NOTES-windows-kernel-links

- https://github.com/sl4v3k/KDU

- https://github.com/thebringerofdeath789/KernelModeCpp

- https://github.com/vls1729/Kernel-Snooping

- https://github.com/wavestone-cdt/EDRSandblast

- https://github.com/wildangelcult/was

- https://github.com/zeon1045/belbel

- https://github.com/zeon1045/intentohibri

- https://github.com/zeze-zeze/2023iThome

- https://github.com/zeze-zeze/CYBERSEC2023-BYOVD-Demo