Windows Capcom.sys Kernel Execution Exploit (x64 only)
Posted by deepcore on October 3, 2016 – 6:48 pm
This Metasploit module abuses the Capcom.sys kernel driver’s function that allows for an arbitrary function to be executed in the kernel from user land. This function purposely disables SMEP prior to invoking a function given by the caller. This has been tested on Windows 7 x64.
Post a reply
You must be logged in to post a comment.