CVE-2023-21554 PoC — Microsoft Message Queuing 安全漏洞

Source

https://github.com/3tternp/CVE-2023-21554

Associated Vulnerability

Title:Microsoft Message Queuing 安全漏洞 (CVE-2023-21554)
Description:Microsoft Message Queuing是用于实现需要高性能的异步和同步场景的解决方案。 Microsoft Message Queuing存在安全漏洞。以下产品和版本受到影响：Windows 10 Version 1809 for 32-bit Systems,Windows 10 Version 1809 for x64-based Systems,Windows 10 Version 1809 for ARM64-based Systems,Windows Server 2019,Wind

Readme

# CVE-2023-21554-PoC

CVE-2023-21554 Windows MessageQueuing PoC，

The sign of Poc success is the crash of the mqsvc.exe process, and there is no pop-up message, which needs to be seen in a process monitor-like program

Execute command in windows terminal or command prompt 

**python poc.py **


Enter IP address of the victim PC and hit enter

File Snapshot


 [4.0K]  /data/pocs/0395125653e3a712c7a7da743128f099273f4390
├── [805K]  CVE-2023-21554 Loophole Analysis.pdf
├── [4.0K]  data
│   ├── [  32]  connection_parameters.bin
│   ├── [ 572]  establish_connection.bin
│   ├── [  36]  session_acknowledgment.bin
│   └── [ 256]  user_message.bin
├── [1.2K]  poc.py
└── [ 348]  README.md

1 directory, 7 files

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).

3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.

Goal Reached Thanks to every supporter — we hit 100%!