# Quick Start Guide ## Prerequisites 1. **Windows Development Environment** - Visual Studio 2019 or later - Windows SDK - (Optional) Windows Driver Kit (WDK) 2. **Test Environment** - A Windows 10/11 test system (VM recommended) - Local user account with standard privileges - **IMPORTANT**: Only test on systems you own or have explicit permission ## Step 1: Check System Compatibility ```bash # Build and run system info utility system_info.exe ``` This will show: - Windows version and build number - System architecture - Current privilege level - Whether the system might be vulnerable ## Step 2: Build the Exploit ### Option A: Using Build Script (Recommended) ```bash # Open Visual Studio Developer Command Prompt # Navigate to project directory build.bat ``` ### Option B: Manual Build ```bash # Main exploit cl.exe /EHsc /O2 exploit.cpp /link /SUBSYSTEM:CONSOLE /OUT:exploit.exe # Advanced module (optional) cl.exe /EHsc /O2 advanced_exploit.cpp /link /SUBSYSTEM:CONSOLE /OUT:advanced_exploit.exe # System info (optional) cl.exe /EHsc /O2 system_info.cpp /link /SUBSYSTEM:CONSOLE /OUT:system_info.exe ``` ## Step 3: Run the Exploit ### Test Mode (Safest) ```bash exploit.exe --test ``` This verifies the code can initialize without attempting full exploitation. ### Full Exploitation ```bash # Standard execution exploit.exe # With verbose output exploit.exe --verbose ``` ## Step 4: Verify Results After running the exploit: 1. **Check Privilege Level** ```bash # In a new command prompt whoami /priv ``` 2. **Verify SYSTEM Access** - Try accessing protected system directories - Check if you can modify system files - Verify process privileges in Task Manager ## Troubleshooting ### Build Errors **Error: "cl.exe not found"** - Solution: Run from Visual Studio Developer Command Prompt - Or manually set up the build environment variables **Error: "Cannot open include file"** - Solution: Install Windows SDK - Verify SDK path in Visual Studio Installer ### Runtime Issues **"Race condition not triggered"** - The exploit may require multiple attempts - System might be patched - Try running with different thread counts (modify code) **System Crashes (BSOD)** - This is expected behavior for kernel exploits - Use a VM for testing - Ensure you have snapshots/backups **"Already running with elevated privileges"** - The exploit detects you're already admin - Test with a standard user account instead ## Important Notes 1. **Reliability**: Kernel race condition exploits are inherently unreliable - Success rate may be low (10-30% typical) - Multiple attempts may be needed - System crashes are possible 2. **Detection**: This exploit may be detected by: - Antivirus software - EDR solutions - Windows Defender - Consider testing in isolated environment 3. **Patching**: If the system is patched: - Exploit will fail safely - No privilege escalation will occur - System should remain stable ## Next Steps - Review `TECHNICAL_DETAILS.md` for in-depth analysis - Examine the code to understand the vulnerability - Consider developing detection rules based on exploit behavior - Test mitigation strategies ## Getting Help - Review the code comments for implementation details - Check `TECHNICAL_DETAILS.md` for technical analysis - Consult Windows kernel documentation for deeper understanding ## Safety Reminders ⚠️ **Always**: - Test in isolated VMs - Use snapshots before testing - Only test on systems you own - Follow responsible disclosure practices ❌ **Never**: - Test on production systems - Use on systems without permission - Share exploit code without warnings - Use for malicious purposes