Share
## https://sploitus.com/exploit?id=962B4BB7-85EB-5825-BDD9-DDB88CDCCD5D
## POC Recreating CVE 2023-36802
### Microsoft Streaming Service Proxy Privilege Escalation Vulnerability

 Procedure to Recreate the Exploit for CVE-2023-36802 targeting **MSKSSRV.SYS** driver

## Prequisites 
If You want to Understand how this Exploit is working , Go through this [Blog](https://securityintelligence.com/x-force/critically-close-to-zero-day-exploiting-microsoft-kernel-streaming-service/)

This CVE is actually the Bypass of Another CVE which is CVE-2023-29360 , Go through That Also its mentioned in Blog I have linked above 

If You want to check if your Windows has MSKSSRV.SYS driver
- Open Command Prompt , Go to this Path : dir
```sh
C:\Windows\System32\drivers> dir
```
![alt text](Assets/drivecheck.png)




## Windows Version

This is the list of Version of Windows where its Vulnerable to this CVE :-

![alt text](Assets/version.png)

- I would say you should perefer Installing **21h2** version of Windows VM 


## Steps to Recreate :-

- You can find Iso-Image file in this [link](https://www.getmyos.com/) (Note: I dont guarantee safety of this link)
- Boot-Up the Iso-Image file in your Virtual Box / Vmware
- Install Visual Studio in that VM ( Not Visual Studio Code )
- Clone the Repository or Download the Zip 
- After the Installtion is complete , Open your `CVE-2023-36802_Win10.sln` in it
- Build < Run