Skip to content

Commit 3f1422c

Browse files
author
jenkins-metasploit
committed
automatic module_metadata_base.json update
1 parent c7c0047 commit 3f1422c

File tree

1 file changed

+50
-0
lines changed

1 file changed

+50
-0
lines changed

db/modules_metadata_base.json

Lines changed: 50 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -160725,6 +160725,56 @@
160725160725
"needs_cleanup": null,
160726160726
"actions": []
160727160727
},
160728+
"exploit_windows/local/cve_2024_30085_cloud_files": {
160729+
"name": "Windows Cloud File Mini Filer Driver Heap Overflow",
160730+
"fullname": "exploit/windows/local/cve_2024_30085_cloud_files",
160731+
"aliases": [],
160732+
"rank": 600,
160733+
"disclosure_date": "2024-12-19",
160734+
"type": "exploit",
160735+
"author": [
160736+
"Alex Birnberg",
160737+
"ssd-disclosure",
160738+
"bwatters-r7"
160739+
],
160740+
"description": "This module exploits the Windows Cloud Files Mini FIlter Driver cldflt.sys on Windows workstation versions\n 10_1809 through 11_23H2 and Windows server versions 2022 to 22_23H2.",
160741+
"references": [
160742+
"CVE-2024-30085",
160743+
"URL-https://attackerkb.com/topics/EHiwxpT2Dp/cve-2024-30085",
160744+
"URL-https://ssd-disclosure.com/ssd-advisory-cldflt-heap-based-overflow-pe/",
160745+
"URL-https://starlabs.sg/blog/2024/all-i-want-for-christmas-is-a-cve-2024-30085-exploit/"
160746+
],
160747+
"platform": "Windows",
160748+
"arch": "",
160749+
"rport": null,
160750+
"autofilter_ports": [],
160751+
"autofilter_services": [],
160752+
"targets": [
160753+
"Windows x64"
160754+
],
160755+
"mod_time": "2025-01-10 16:14:32 +0000",
160756+
"path": "/modules/exploits/windows/local/cve_2024_30085_cloud_files.rb",
160757+
"is_install_path": true,
160758+
"ref_name": "windows/local/cve_2024_30085_cloud_files",
160759+
"check": true,
160760+
"post_auth": false,
160761+
"default_credential": false,
160762+
"notes": {
160763+
"Stability": [
160764+
"crash-safe"
160765+
],
160766+
"Reliability": [],
160767+
"SideEffects": [
160768+
"ioc-in-logs"
160769+
]
160770+
},
160771+
"session_types": [
160772+
"meterpreter",
160773+
"shell"
160774+
],
160775+
"needs_cleanup": null,
160776+
"actions": []
160777+
},
160728160778
"exploit_windows/local/cve_2024_30088_authz_basep": {
160729160779
"name": "Windows Kernel Time of Check Time of Use LPE in AuthzBasepCopyoutInternalSecurityAttributes",
160730160780
"fullname": "exploit/windows/local/cve_2024_30088_authz_basep",

0 commit comments

Comments
 (0)