CVE-2024-38063 PoC — Microsoft Windows TCP/IP component numeric error vulnerability

Associated Vulnerability
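Title: Microsoft Windows TCP/IP component numeric error vulnerability (CVE-2024-38063)
Description: Microsoft Windows TCP/IP is the TCP/IP support service in Windows from Microsoft (USA). The Microsoft Windows TCP/IP component contains a numeric error vulnerability. An attacker can exploit this vulnerability to execute code remotely. The following products and versions are affected: Windows 10 Version 1809 for 32-bit Systems, Windows 10 Version 1809 for x64-based Systems, Windows 10 Version 1809 f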
Description
A Python tool leveraging Shodan and Scapy to identify and exploit Windows systems vulnerable to CVE-2024-38063, enabling targeted Denial of Service attacks
Readme
## Overview

This project is a Python script designed to identify and exploit vulnerable Windows systems using Shodan for reconnaissance and Scapy for crafting and sending malicious IPv6 packets targeting **CVE-2024-38063**. The tool automates the process of searching for vulnerable hosts, verifying their susceptibility, and executing a Denial of Service (DoS) attack to induce a Blue Screen of Death (BSOD).

## CVE-2024-38063 Explained

**CVE-2024-38063** is a critical vulnerability identified in certain versions of the Windows operating system. The vulnerability arises from improper handling of IPv6 Neighbor Discovery (ND) packets, specifically in the processing of fragmented IPv6 packets. An attacker can exploit this flaw by sending specially crafted IPv6 packets that cause the Windows system to crash, resulting in a Blue Screen of Death (BSOD).

### Why the Vulnerability Occurred

- **Improper Fragment Reassembly:** The Windows kernel fails to correctly reassemble fragmented IPv6 packets under specific conditions, leading to memory corruption.
- **Lack of Boundary Checks:** Insufficient validation of packet boundaries allows maliciously crafted packets to overwrite critical memory regions.
- **Race Conditions:** Timing discrepancies during packet processing can be exploited to trigger the vulnerability reliably.
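
A defender-side triage aid for the fragment handling described above, as an added example that is not part of the original repository: it walks the extension-header chain of a raw IPv6 packet and reports the Fragment header fields, so captured traffic toward Windows hosts can be filtered for fragments. The function names and the sample packets (documentation-prefix addresses) are constructed for illustration, and a reported fragment is a lead for review, not proof of exploitation.

```python
import struct

# Extension headers that share the (next header, length in 8-octet units) layout, RFC 8200.
# AH (51) uses 4-octet units and is not walked here; such packets return None.
HOP_BY_HOP, ROUTING, FRAGMENT, DEST_OPTS = 0, 43, 44, 60

def find_fragment(packet: bytes):
    """Return the fields of the first Fragment header in a raw IPv6 packet, or None."""
    if len(packet) < 40 or packet[0] >> 4 != 6:
        return None                          # not IPv6, or truncated fixed header
    next_header, offset = packet[6], 40
    while next_header in (HOP_BY_HOP, ROUTING, DEST_OPTS):
        if offset + 2 > len(packet):
            return None                      # chain runs past the captured bytes
        next_header, hdr_len = packet[offset], packet[offset + 1]
        offset += (hdr_len + 1) * 8
    if next_header != FRAGMENT or offset + 8 > len(packet):
        return None
    inner, _, off_flags, ident = struct.unpack_from("!BBHI", packet, offset)
    return {"next_header": inner,
            "frag_offset": (off_flags >> 3) * 8,   # offset is carried in 8-octet units
            "more_fragments": bool(off_flags & 1),
            "id": ident}

def build_ipv6(next_header: int, payload: bytes) -> bytes:
    """Constructed sample packet with 2001:db8::/32 documentation addresses."""
    src = bytes.fromhex("20010db8") + bytes(11) + b"\x01"
    dst = bytes.fromhex("20010db8") + bytes(11) + b"\x02"
    fixed = struct.pack("!IHBB", 6 << 28, len(payload), next_header, 64)
    return fixed + src + dst + payload

# Constructed samples: no extension headers, a middle fragment, and a
# Destination Options header followed by an unfragmented ("atomic") Fragment header.
SAMPLES = [
    build_ipv6(59, b""),
    build_ipv6(FRAGMENT, struct.pack("!BBHI", 17, 0, (185 << 3) | 1, 0x1234ABCD) + bytes(8)),
    build_ipv6(DEST_OPTS, bytes([FRAGMENT, 0, 1, 4, 0, 0, 0, 0])
               + struct.pack("!BBHI", 58, 0, 0, 7)),
]

if __name__ == "__main__":
    for number, sample in enumerate(SAMPLES):
        print(number, find_fragment(sample))
```
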

## Installation

1. **Clone the Repository:**

   ```bash
   git clone https://github.com/jip-0-0-0-0-0/CVE-2024-38063-scanner
   ```

2. **Install Dependencies:**

   ```bash
   pip install -r requirements.txt
   ```


## Usage

Run the script with the necessary arguments:

```bash
python exploit.py --api-key YOUR_SHODAN_API_KEY --os "Windows 10" --max-version "10.0.26100" --pages 2 --batches 20 --corruptions 20
```

### Arguments

- `--api-key`: Shodan API Key (optional if set as environment variable).
- `--os`: Target OS name (default: "Windows 10").
- `--max-version`: Maximum OS version to target (default: "10.0.26100").
- `--pages`: Number of Shodan pages to search (default: 2).
- `--batches`: Number of packet batches to send (default: 20).
- `--corruptions`: Number of corruptions per batch (default: 20).

### Disclaimer

Use this tool responsibly and only on systems you have explicit permission to test. Unauthorized use is illegal and unethical. The authors are not liable for any misuse of this tool.

### License

This project is licensed under the [MIT License](LICENSE).






File Snapshot

```
[4.0K] /data/pocs/61dc024f6e70b73f36546a0935f022372d89427f
├── [9.0K] exploit.py
├── [1.0K] LICENSE
├── [2.3K] README.md
└── [ 28] requirements.txt

0 directories, 4 files
```