Adding CVE-2025-24071 and tweaking READMEs
@@ -0,0 +1,20 @@
|
||||
# CVE-2023-24071 - Windows Explorer NTLM Hash Disclosure
|
||||
|
||||
This exploit abuses the way Windows Explorer handles library files that have been extracted from an archive (.zip, .rar, etc.).
|
||||
When an archive containing a library is decompressed, Explorer will automatically attempt a connection to the URL specified in the library.
|
||||
|
||||
This means that we can set up responder and listen for a connection back to our fake SMB server, disclosing the hash of the user who extracted the archive.
|
||||
|
||||
User interaction is required as the archive file must be opened for the connection to be made.
|
||||
|
||||
# Usage
|
||||
|
||||
CVE-2025-2401.py -s <attacker IP/domain> -f <output file name>
|
||||
\-l <library name> Renames the library file (default mal.library-ms)
|
||||
|
||||
# License
|
||||
GPL v3.0 - as all good software should be
|
||||
|
||||
Only with explicit permission from the target system owner.
|
||||
|
||||
Remember - don't be a skid :)
|
||||
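Review bot: The heading reads "CVE-2023-24071", but the commit title says CVE-2025-24071 and the usage line invokes "CVE-2025-2401.py", so the README carries three different identifiers for one issue. Make the heading and the script name match the commit title, and check the usage line against the file name actually added in this commit. In the same usage block, the "\-l" line has a stray backslash, and it does not say whether -s and -f are required or whether -l is optional. The description would also benefit from a link to the vendor advisory so that readers doing authorized testing can confirm whether a host is already patched.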