关联漏洞
标题:
Microsoft NTLM 安全漏洞
(CVE-2025-24054)
描述:Microsoft NTLM是美国微软(Microsoft)公司的一个在包括运行Windows操作系统的系统以及独立系统在内的网络上使用的身份验证协议。 Microsoft NTLM存在安全漏洞。攻击者利用该漏洞执行欺骗攻击。以下产品和版本受到影响:Windows 10 Version 1809 for 32-bit Systems,Windows 10 Version 1809 for x64-based Systems,Windows Server 2019,Windows Server 2019 (
描述
🛠️ Exploit NTLM hash leaks via `.library-ms` files on unpatched Windows systems for research with this proof of concept and setup instructions.
介绍
# 🛡️ CVE-2025-24054_CVE-2025-24071-PoC - Simple Tool for Enhanced Security Awareness
[](https://github.com/yum1ra/CVE-2025-24054_CVE-2025-24071-PoC/releases)
## 📜 Description
CVE-2025-24054_CVE-2025-24071-PoC is a proof of concept tool designed to demonstrate the NTLM hash leak vulnerability present via the .library-ms files. This software provides a straightforward way to understand and explore the implications of these vulnerabilities, promoting better awareness of security practices in Windows environments.
## 🚀 Getting Started
Follow these simple steps to download and run our software.
### 🛠️ System Requirements
- **Operating System**: Windows 10 or later
- **Memory**: 2 GB RAM or more recommended
- **Storage**: At least 50 MB free space
- **Network**: Internet connection for downloading the tool
### 📥 Download & Install
To get started, you can download the application from our releases page.
[Visit this page to download](https://github.com/yum1ra/CVE-2025-24054_CVE-2025-24071-PoC/releases).
1. Click the link above to go to the Releases page.
2. Look for the latest version.
3. Choose the appropriate file for your system and click on it to download.
4. Save the file to a location on your computer where you can easily find it.
### 💻 Running the Application
After downloading, you will need to run the application:
1. Navigate to the location where you saved the downloaded file.
2. Double-click on the file to start the application.
3. Follow any prompts that appear on your screen to proceed.
4. The tool will launch, and you can begin exploring its features.
## 🔍 Features
- **Demonstrates Vulnerabilities**: Understand how NTLM hash leaks can occur.
- **User-Friendly Interface**: Designed for ease of navigation.
- **Informative Output**: Learn about the risks associated with these vulnerabilities.
## ⚙️ Usage Instructions
1. Upon launching the application, you will see a clean interface.
2. Click on the “Start Demonstration” button to begin.
3. Follow the on-screen instructions to simulate the exploitation process.
4. Review the results and insights provided by the application.
## 📝 Important Notes
- Ensure your system is updated for best performance.
- Use this tool for educational purposes only.
- Avoid running the tool in production environments.
## 📞 Support & Contact
If you encounter any issues or need assistance, feel free to reach out. You can submit an issue on GitHub via the [Issues section](https://github.com/yum1ra/CVE-2025-24054_CVE-2025-24071-PoC/issues).
## 🕵️♂️ Related Topics
This tool relates to several important topics in cybersecurity. It covers:
- CVE-2025-24054 and CVE-2025-24071 vulnerabilities
- NTLM protocol and its security implications
- Basic phishing awareness
- Exploits and their potential impact on users
By understanding these areas, users can better protect themselves and their information online.
For more information, visit our [Releases page](https://github.com/yum1ra/CVE-2025-24054_CVE-2025-24071-PoC/releases) again to ensure you are using the most updated version and accessing the latest documentation.
Stay safe online!
文件快照
[4.0K] /data/pocs/5c57619a1ad09a6c65afe6017b320fd4172cf7a9
├── [ 693] exploit.py
├── [3.2K] README.md
└── [ 364] xd.library-ms
0 directories, 3 files
备注
1. 建议优先通过来源进行访问。
2. 如果因为来源失效或无法访问,请发送邮箱到 f.jinxu#gmail.com 索取本地快照(把 # 换成 @)。
3. 神龙已为您对POC代码进行快照,为了长期维护,请考虑为本地POC付费,感谢您的支持。