Share
## https://sploitus.com/exploit?id=9787204A-E338-5842-9506-5B7BCC3FCC43
It is an offensive tool for Windows. This repository contains a kernel rootkit that resides within Windows registry value data, developed by Oleksiuk Dmytro (aka Cr4sh). The rootkit exploits a zero-day vulnerability in win32k.sys, a Windows kernel-mode driver, through a buffer overflow in the bInitializeEUDC() function. The rootkit's features include a network backdoor and meterpreter/bind_tcp functionality, allowing it to move undetected in memory over discardable sections of default Windows drivers. It is designed to evade detection by public anti-rootkit tools and is compatible with Windows 7 (SP0, SP1) x86. The rootkit's execution diagram is provided in the repository.