## https://sploitus.com/exploit?id=F8830EF1-FF72-59E9-BD88-84B58AC54FF3
# cve-2024-26229
A nim version of the (now outdated) Windows LPE vulnerability abusing CSC.
This is for educational purposes only, and refer to the patch list to determine whether or not your system/your target is vulnerable.
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-26229
# Usage
### Compilation
```
# Make sure you have the necessary nim libraries installed
# This will create a main.exe
nim c --app=console --cpu=amd64 --os=windows -d:release --gc:arc --passL:-s main.nim
```
### What Actually Gets Executed
The template uses powershell to execute a base64 encoded script block. Host your payload on a web server (or utilize the file hosting mechanism available on most C2 platforms), base64 encode the download string and simply replace the ###Your base64 delivery here### with the base64 encoded string.
# Indicators of Compromise
### Host-Based Analysis
To be updated
### Network-Based Analysis
To be updated