# Microsoft Windows 文件资源管理器欺骗漏洞
## 漏洞概述
Windows File Explorer存在敏感信息泄露问题,未经授权的攻击者可以通过网络进行欺骗攻击。
## 影响版本
未提供具体版本信息。
## 漏洞细节
未经授权的攻击者可以利用Windows File Explorer中的敏感信息泄露漏洞,通过网络进行欺骗攻击。
## 漏洞影响
该漏洞可能导致敏感信息被未经授权的人员获取,进而被用于网络欺骗攻击。这可能会导致用户的数据被窃取或系统被进一步攻击。
是否为 Web 类漏洞: 否
判断理由:
| # | POC 描述 | 源链接 | 神龙链接 |
|---|---|---|---|
| 1 | CVE-2025-24071: NTLM Hash Leak via RAR/ZIP Extraction and .library-ms File | https://github.com/0x6rss/CVE-2025-24071_PoC | POC详情 |
| 2 | metasploit module for the CVE-2025-24071 | https://github.com/FOLKS-iwd/CVE-2025-24071-msfvenom | POC详情 |
| 3 | Windows File Explorer Spoofing Vulnerability (CVE-2025-24071) | https://github.com/aleongx/CVE-2025-24071 | POC详情 |
| 4 | Alternativa CVE-2025-24071_PoC | https://github.com/ctabango/CVE-2025-24071_PoCExtra | POC详情 |
| 5 | Exploit CVE-2025-24071 | https://github.com/shacojx/CVE-2025-24071-Exploit | POC详情 |
| 6 | Windows File Explorer Spoofing Vulnerability (CVE-2025-24071) | https://github.com/ThemeHackers/CVE-2025-24071 | POC详情 |
| 7 | None | https://github.com/rubbxalc/CVE-2025-24071 | POC详情 |
| 8 | A PoC of CVE-2025-24071, A windows vulnerability that allow get NTMLv2 hashes | https://github.com/Marcejr117/CVE-2025-24071_PoC | POC详情 |
| 9 | None | https://github.com/cesarbtakeda/Windows-Explorer-CVE-2025-24071 | POC详情 |
| 10 | None | https://github.com/Threekiii/Awesome-POC/blob/master/%E6%93%8D%E4%BD%9C%E7%B3%BB%E7%BB%9F%E6%BC%8F%E6%B4%9E/Windows%20%E6%96%87%E4%BB%B6%E8%B5%84%E6%BA%90%E7%AE%A1%E7%90%86%E5%99%A8%E6%AC%BA%E9%AA%97%E6%BC%8F%E6%B4%9E%20CVE-2025-24071.md | POC详情 |
| 11 | None | https://github.com/pswalia2u/CVE-2025-24071_POC | POC详情 |
| 12 | Windows File Explorer Spoofing Vulnerability - CVE-2025-24071 | https://github.com/f4dee-backup/CVE-2025-24071 | POC详情 |
| 13 | CVE-2025-24071 Proof Of Concept | https://github.com/LOOKY243/CVE-2025-24071-PoC | POC详情 |
| 14 | Exploited CVE-2025-24071 via SMB by hosting a .library-ms file inside a .tar archive. Using tar x from smbclient, the payload is extracted server-side without user interaction. Responder captures the NTLM hash once the target accesses the library. | https://github.com/ex-cal1bur/SMB_CVE-2025-24071 | POC详情 |
| 15 | Security Vulnerability Report: CVE-2025-24071 - Windows File Explorer Spoofing Vulnerability | https://github.com/TH-SecForge/CVE-2025-24071 | POC详情 |
| 16 | CVE-2025-24071 | https://github.com/B1ack4sh/Blackash-CVE-2025-24071 | POC详情 |
| 17 | CVE-2025-24071: NTLMv2 Hash Disclosure via .library-ms File | https://github.com/DeshanFer94/CVE-2025-24071-POC-NTLMHashDisclosure- | POC详情 |
| 18 | None | https://github.com/Royall-Researchers/CVE-2025-24071 | POC详情 |
| 19 | Python script to execute CVE-2025-24071 | https://github.com/AC8999/CVE-2025-24071 | POC详情 |
| 20 | CVE-2025-24071 | https://github.com/Ashwesker/Blackash-CVE-2025-24071 | POC详情 |
| 21 | This is a python PoC scripts for CVE-2025-24071 which is a vulnerability in Windows File Explorer that allows unauthorized access to sensitive information like NTLM Exposure. | https://github.com/Abdelrahman0Sayed/CVE-2025-24071 | POC详情 |
| 22 | Hello friend. This is the Fsociety Exploit Framework for CVE-2025-24071. Generates malicious .library-ms files to steal NTLMv2 hashes. Includes a 'Living Terminal' Cinematic Mode, Deep Trace logging, and stealth evasion techniques. Join the revolution. #Hacking #Exploit #CVE-2025-24071 | https://github.com/fsoc-ghost-0x/Fsociety-CVE-2025-24071-NTLM-Coercion | POC详情 |
| 23 | Exploit CVE-2025-24071 | https://github.com/ephunter/CVE-2025-24071-Exploit | POC详情 |
| 24 | CVE-2025-24071 | https://github.com/Ashwesker/Ashwesker-CVE-2025-24071 | POC详情 |
暂无评论