Subscribe via feed.

Windows Capcom.sys Kernel Execution Exploit (x64 only)

Posted by deepcore on October 3, 2016 – 6:48 pm

This Metasploit module abuses the Capcom.sys kernel driver’s function that allows for an arbitrary function to be executed in the kernel from user land. This function purposely disables SMEP prior to invoking a function given by the caller. This has been tested on Windows 7 x64.


This post is under “exploit” and has no respond so far.
If you enjoy this article, make sure you subscribe to my RSS Feed.

Post a reply

You must be logged in to post a comment.