PoC-in-GitHub/2024/CVE-2024-0670.json

[
    {
        "id": 1096962362,
        "name": "checkmk_cve-2024-0670",
        "full_name": "zhulin837\/checkmk_cve-2024-0670",
        "owner": {
            "login": "zhulin837",
            "id": 198304370,
            "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/198304370?v=4",
            "html_url": "https:\/\/github.com\/zhulin837",
            "user_view_type": "public"
        },
        "html_url": "https:\/\/github.com\/zhulin837\/checkmk_cve-2024-0670",
        "description": null,
        "fork": false,
        "created_at": "2025-11-15T09:16:56Z",
        "updated_at": "2025-11-15T09:58:13Z",
        "pushed_at": "2025-11-15T09:58:10Z",
        "stargazers_count": 0,
        "watchers_count": 0,
        "has_discussions": false,
        "forks_count": 0,
        "allow_forking": true,
        "is_template": false,
        "web_commit_signoff_required": false,
        "topics": [],
        "visibility": "public",
        "forks": 0,
        "watchers": 0,
        "score": 0,
        "subscribers_count": 0
    },
    {
        "id": 1097541932,
        "name": "CVE-2024-0670",
        "full_name": "magicrc\/CVE-2024-0670",
        "owner": {
            "login": "magicrc",
            "id": 4384877,
            "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/4384877?v=4",
            "html_url": "https:\/\/github.com\/magicrc",
            "user_view_type": "public"
        },
        "html_url": "https:\/\/github.com\/magicrc\/CVE-2024-0670",
        "description": " PoC for CVE-2024-0670",
        "fork": false,
        "created_at": "2025-11-16T11:36:23Z",
        "updated_at": "2025-12-20T12:28:07Z",
        "pushed_at": "2025-11-16T11:45:53Z",
        "stargazers_count": 1,
        "watchers_count": 1,
        "has_discussions": false,
        "forks_count": 0,
        "allow_forking": true,
        "is_template": false,
        "web_commit_signoff_required": false,
        "topics": [
            "checkmk-agent",
            "cve-2024-0670",
            "poc",
            "powershell"
        ],
        "visibility": "public",
        "forks": 0,
        "watchers": 1,
        "score": 0,
        "subscribers_count": 0
    },
    {
        "id": 1097573214,
        "name": "CVE-2024-0670-CheckMK-Agent-Local-Privilege-Escalation-Exploit",
        "full_name": "elsevar11\/CVE-2024-0670-CheckMK-Agent-Local-Privilege-Escalation-Exploit",
        "owner": {
            "login": "elsevar11",
            "id": 90690613,
            "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/90690613?v=4",
            "html_url": "https:\/\/github.com\/elsevar11",
            "user_view_type": "public"
        },
        "html_url": "https:\/\/github.com\/elsevar11\/CVE-2024-0670-CheckMK-Agent-Local-Privilege-Escalation-Exploit",
        "description": "This repository contains an exploit demonstration for CVE-2024-0670, a local privilege escalation vulnerability affecting the CheckMK Agent for Windows. The vulnerability allows a low-privileged user to obtain SYSTEM privileges by abusing writable file paths processed by the MSI repair mechanism.",
        "fork": false,
        "created_at": "2025-11-16T12:49:35Z",
        "updated_at": "2025-11-16T13:25:56Z",
        "pushed_at": "2025-11-16T13:22:47Z",
        "stargazers_count": 1,
        "watchers_count": 1,
        "has_discussions": false,
        "forks_count": 0,
        "allow_forking": true,
        "is_template": false,
        "web_commit_signoff_required": false,
        "topics": [],
        "visibility": "public",
        "forks": 0,
        "watchers": 1,
        "score": 0,
        "subscribers_count": 0
    },
    {
        "id": 1120365953,
        "name": "Fsociety-CVE-2024-0670-CheckMK-LPE",
        "full_name": "fsoc-ghost-0x\/Fsociety-CVE-2024-0670-CheckMK-LPE",
        "owner": {
            "login": "fsoc-ghost-0x",
            "id": 171997927,
            "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/171997927?v=4",
            "html_url": "https:\/\/github.com\/fsoc-ghost-0x",
            "user_view_type": "public"
        },
        "html_url": "https:\/\/github.com\/fsoc-ghost-0x\/Fsociety-CVE-2024-0670-CheckMK-LPE",
        "description": "Hello friend. This is the key to the kingdom. Advanced LPE exploit for CheckMK (CVE-2024-0670). Abuses insecure file handling for SYSTEM access. Includes surgical persistence module. Written in C++. They thought they were safe. They were wrong. The 5\/9 revolution starts with a root shell. > We Are Fsociety_",
        "fork": false,
        "created_at": "2025-12-21T03:54:48Z",
        "updated_at": "2025-12-21T04:50:27Z",
        "pushed_at": "2025-12-21T04:50:24Z",
        "stargazers_count": 1,
        "watchers_count": 1,
        "has_discussions": false,
        "forks_count": 0,
        "allow_forking": true,
        "is_template": false,
        "web_commit_signoff_required": false,
        "topics": [
            "c0deghost",
            "checkmk-agent",
            "cpp",
            "cpp-malware",
            "cve-2024-0670",
            "edr",
            "escalate-privilages",
            "fsociety",
            "fsociety-hacking",
            "low-level",
            "low-level-programming",
            "microsoft",
            "mr-robot",
            "nt-authority-system",
            "offsensive-security",
            "red-team",
            "windows",
            "windows-10",
            "windows-11",
            "windows-exploit"
        ],
        "visibility": "public",
        "forks": 0,
        "watchers": 1,
        "score": 0,
        "subscribers_count": 0
    }
]