## https://sploitus.com/exploit?id=39949D68-5EF5-5993-90FA-99A68CBBA1C6
# CVE-2025-62215 Exploit PoC
Original code credit: https://github.com/dexterm300
## ๐งจ Description
This repository contains a proof-of-concept exploit for **CVE-2025-62215**, a **race condition** vulnerability in the Windows kernel that can be triggered via concurrent manipulation of kernel object handles. Under specific conditions, this results in a **double-free**, which can be exploited for **local privilege escalation** to **SYSTEM**.
The exploit works by:
- Creating multiple threads that rapidly open and close kernel object handles
- Exploiting a timing window to trigger double-free conditions
- Using heap spraying to manipulate memory layout
- Detecting elevated privileges using a monitor thread
---
## โ ๏ธ Disclaimer
This code is provided **for educational and authorized security testing purposes only**. Running this on production systems or without explicit permission is **strictly prohibited**.
---
## ๐ ๏ธ Features
- Multithreaded race condition trigger
- Heap spray for layout control
- Privilege check using access token elevation
- Test mode for safer execution
- Thread-safe logging and graceful shutdown
- Minimal dependencies; builds cleanly with `cl.exe` (MSVC)
---
## ๐งช Requirements
- Windows 10/11 (x64)
- MSVC (`cl.exe`) compiler with Debug CRT (`/MDd`)
- Administrator rights for full privilege escalation
- `ntdll.dll` for direct syscall bindings
---
## ๐ ๏ธ Build Instructions
### ๐ช Visual Studio (Recommended)
1. Open in Visual Studio
2. Set configuration to `Debug x64`
3. Build and run with elevated privileges
### ๐ง Command Line (PowerShell or Developer CMD)
May need to install C++ build tools: https://visualstudio.microsoft.com/visual-cpp-build-tools/
& "C:\Program Files (x86)\Microsoft Visual Studio\2022\BuildTools\Common7\Tools\VsDevCmd.bat"
```bash
cl.exe poc.cpp /Od /ZI /RTC1 /MDd /link /OUT:unicorn.exe