User flag


Aero.htb

Use my implementation of CVE-2023-38146 to generate a malicious Windows 11 theme and upload it to the machine. This should get you the user shell.


Root flag


After looking around for stuff on the machine, I found a PDF file in the C:/Users/sam.emerson/Documents folder that says something about CVE-2023-28252. 📄


So, I compiled it and replaced notepad.exe with a reverse shell executable, compiled it using Visual Studio and gained the system shell. Easy machine.
