Share
## https://sploitus.com/exploit?id=D08C160B-36FE-57B4-AC03-48F52545BFBD
the bug is at DnsQueryRaw function (to be specific, inside DnsRawTruncateMessageForUdp) so you need a program to call it. 

I could be wrong, but currently there isnt a service or default program in windows 11 that use this function, thats why i needed  client.c.

this repo has 2 files, client.c and poc.py:

client.c: it implements DnsQueryRaw (you need to replace the interface index according to your setup)

poc.py: the trigger use scapy, you have to replace variable _iface with the interface of your attacker machine

i leave the exploit of this as an exercise, cheers

PD: windows 10 is safe, that function is specific to windows 11 (and a specific windows server version)