Closed ykram closed 8 years ago
You are right that commandToExecute
is not used. But Command
is being initialized properly.
exploitVulnerability.Command = EARGF(ShowUsage(argv[0]));
Are you running the exploit like this: HackSysEVDExploit.exe -p -c cmd.exe
Ah nope, you're correct. I was missing the -c flag. It's somewhat confusing because here: https://github.com/hacksysteam/HackSysExtremeVulnerableDriver/blob/master/Exploit/Source/HackSysEVDExploit.c#L65
the -c flag is omitted entirely. In that case probably better to just fix line 65?
Nice. This is what we call as silly mistake. Thanks for pointing out. I'll fix it ASAP.
@ykram Commit https://github.com/hacksysteam/HackSysExtremeVulnerableDriver/commit/6e338af8d28a0b23f5edd3ef0c3e817370daca0e closes #4
Thanks for reporting.
commandToExecute doesn't appear to be used anywhere and the actual 'Command' field in the struct doesn't appear to ever be set which causes CreateProcess() to always fail.