Exploiting Reversing (ER) series: article 07 | Exploitation Techniques: CVE-2024-30085 (part 01)

I am excited to release the seventh article in the Exploiting Reversing Series (ERS). Titled “Exploitation Techniques | CVE-2024-30085 (part 01)” this 119-page technical guide offers a comprehensive roadmap for vulnerability exploitation:

https://exploitreversing.com/wp-content/uploads/2026/03/exploit_reversing_07-1.pdf

Key features of this edition:

[+] Dual Exploit Strategies: Two distinct exploit versions using Token Stealing and I/O Ring techniques.
[+] Exploit ALPC + PreviousMode Flip + Token Stealing: elevation of privilege of a regular user to SYSTEM.
[+] Exploit ALPC + Pipes + I/O Ring: elevation of privilege of a regular user to SYSTEM.
[+] Solid Reliability: Two complete working and stable exploits, including an improved cleanup stage.
[+] Optimized Exploit Logic: Significant refinements to the codebase and technical execution for better stability and predictability.

The article guides you through the two distinct techniques for exploiting the CVE-2024-30085 Heap Buffer Overflow vulnerability.

I would like to thank Ilfak Guilfanov (@ilfak on X) and Hex-Rays SA (@HexRaysSA on X) for their constant and uninterrupted support, which has helped me write these articles over time.

I hope this serves as a definitive resource for your research. If you find it helpful, please feel free to share it or reach out with your feedback!

Enjoy your reading and have an excellent day.

Alexandre Borges
(March 04, 2026)

PS: The videos demonstrating the exploit are below:

Exploiting Reversing (ER) series: article 05 | Hyper-V (part 01)

The fifth article (57 pages) of the Exploiting Reversing Series (ERS), a step-by-step research series on Windows, macOS, hypervisors and browsers, is available for reading on:

(PDF): https://exploitreversing.com/wp-content/uploads/2025/03/exploit_reversing_05.pdf

I would like to thank Ilfak Guilfanov (@ilfak on X) and Hex-Rays SA (@HexRaysSA on X) for their constant and uninterrupted support, which have helped me write these articles over time.

The best thing in life is people.

I hope you enjoy reading it and have an excellent day.

Alexandre Borges.

(MARCH/12/2025)

Malware Analysis Series (MAS): article 09 | Shellcode

The nineth article (38 pages) of the Malware Analysis Series (MAS), a step-by-step malware analysis and reverse engineering series, is available for reading on:

(PDF): https://exploitreversing.com/wp-content/uploads/2025/01/mas_09-1.pdf

I hope this article helps professionals from cybersecurity communities around the world.

Have an excellent and keep reversing!

Alexandre Borges

(JANUARY/08/2025)

PS: there is a typo on page 07 at the last bullet. Where you read “0x00000095” you must change it to “0x00000099“, as stated at the previous bullet.

Exploiting Reversing (ER) series: article 02 | Windows kernel drivers – part 02

The second article (85 pages) in the Exploiting Reversing (ER) series, a step-by-step vulnerability research series on Windows, macOS, hypervisors and browsers, is available for reading on:

(PDF): https://exploitreversing.com/wp-content/uploads/2024/05/exploit_reversing_02-2.pdf

Happy New Year with happiness, harmony, peace and health to experience all the good times close to your families and friends.

The best thing about this life are the people.

Have an excellent and keep reversing!

Alexandre Borges

(JANUARY/03/2024)

PS: There is a typo on page 72 at the last but one bullet. Where you read “FILE_DEVICE_SECURITY_OPEN was specified for DeviceCharacteristics parameter, as recommended” you should change it to “FILE_DEVICE_SECURE_OPEN was specified for DeviceCharacteristics parameter, as recommended”.