CVE-2024-38077 PoC — Microsoft Remote Desktop Client 安全漏洞

Source

https://github.com/qi4L/CVE-2024-38077

Associated Vulnerability

Title:Microsoft Remote Desktop Client 安全漏洞 (CVE-2024-38077)
Description:Microsoft Remote Desktop Client是美国微软（Microsoft）公司的一款远程桌面客户端。 Microsoft Remote Desktop Client存在安全漏洞。攻击者利用该漏洞可以远程执行代码。以下产品和版本受到影响：Windows Server 2019,Windows Server 2019 (Server Core installation),Windows Server 2022,Windows Server 2022 (Server Core install

Description

RDL的堆溢出导致的RCE

Readme

# CVE-2024-38077-EXP

基于[伪代码](https://sites.google.com/site/zhiniangpeng/blogs/MadLicense)后修复的代码。


# 有效范围

Windows Server 2025

# 使用

```
options:
  -h, --help            show this help message and exit
  --target_ip TARGET_IP
                        Target IP, eg: 192.168.120.1
  --evil_ip EVIL_IP     Evil IP, eg: 192.168.120.2
  --evil_dll_path EVIL_DLL_PATH
                        Evil dll path, eg: \smb\evil_dll.dll
  --check_vuln_exist CHECK_VULN_EXIST
                        Check vulnerability exist before exploit
```

# 参考

https://sites.google.com/site/zhiniangpeng/blogs/MadLicense

File Snapshot


 [4.0K]  /data/pocs/40f065e5f0d6b7ce2e91c0fb90e83a5cea3845e5
├── [ 28K]  CVE-2024-38077-EXP.py
└── [ 639]  README.md

0 directories, 2 files

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).

3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.

Goal Reached Thanks to every supporter — we hit 100%!