CVE-2024-43582 PoC — Microsoft Windows Remote Desktop Protocol 资源管理错误漏洞

Source

https://github.com/jinxongwi/CVE-2024-43582-RCE

Associated Vulnerability

Title:Microsoft Windows Remote Desktop Protocol 资源管理错误漏洞 (CVE-2024-43582)
Description:Microsoft Windows Remote Desktop Protocol（RDP）是美国微软（Microsoft）公司的一款用于连接远程Windows桌面的应用。 Microsoft Windows Remote Desktop Protocol存在资源管理错误漏洞。攻击者利用该漏洞可以远程执行代码。以下产品和版本受到影响：Windows 11 Version 24H2 for ARM64-based Systems,Windows 11 Version 24H2 for x64-based S

Description

Metasploit Module for CVE-2024-43582 RPC Remote  Desktop Service crititcal RCE

Readme

Fast-written module for Metasploit Framework that targets for critical CVE-2024-43582 RCE vulnerability.
At the time only Windows 11 / Windows Server 2022 and higher supported. There are some issues with ASLR bypass on older systems with current RPC trigger payload.

![image](https://github.com/jinxongwi/CVE-2024-43582-RCE/blob/main/msf_screen.png)

注意力！我对你的行为完全不承担任何责任！该程序仅供研究用途！

File Snapshot


 [4.0K]  /data/pocs/396a179b6d348bce21a92e233b11889cd305e490
├── [ 587]  cve_2024_43582.rb
├── [270K]  msf_screen.png
└── [ 443]  README.md

0 directories, 3 files

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).

3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.

Goal Reached Thanks to every supporter — we hit 100%!