tijme/kernel-mii

Cobalt Strike (CS) Beacon Object File (BOF) foundation for kernel exploitation using CVE-2021-21551.
Built by Tijme. Credits to Alex for teaching me! Made possible by Northwave Security.

Description

This is a Cobalt Strike (CS) Beacon Object File (BOF) that exploits CVE-2021-21551. On its own it only overwrites the beacon process token with the system process token; its main purpose is to serve as a foundation for further kernel exploitation via CS.

Usage

Compiling

cl.exe /c .\KernelMii.c /Fo.\KernelMii.o

Running

$ kernel_mii

Limitations

  • If the vulnerable driver is not installed, you need to be local admin to install it.

Todo

  • Load the vulnerable driver from memory instead of from disk.
  • Delete the vulnerable driver if it was not preinstalled.

Issues

Issues or new features can be reported via the issue tracker. Please make sure your issue or feature has not yet been reported by anyone else before submitting a new one.

License

Copyright (c) 2022 Tijme Gommers & Northwave Security. All rights reserved. View LICENSE.md for the full license.
