## https://sploitus.com/exploit?id=B9CFDA03-44E7-5396-A270-A84E32DE2FA5
This is a (rather flaky) poc for [CVE-2024-38063](https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38063), a RCE in tcpip.sys patched on August 13th 2024. I didn't find and report this vuln, that would be [Wei](https://x.com/XiaoWei___).
# requirements
```
pip3 install scapy
```
# usage
Modify the fields in the script:
- `iface` `tcpip!Ipv6pProcessOptions` -> `tcpip!IppSendErrorList` being hit?
- Break on `tcpip!Ipv6pProcessOptions` and check whether `[rcx]` is zero all of the time. If yes, then packets are not being coalesced for some reason.
- Break on `tcpip!Ipv6pReceiveFragment` and check if `[rcx+0x30]` is equal to zero. If not, then the vulnerability failed to be triggered for some reason.