
CVE-2024-24576 PoC — Rust security vulnerability

Source
Associated Vulnerability
Title: Rust security vulnerability (CVE-2024-24576)
Description: Rust is a general-purpose, compiled programming language from the Mozilla Foundation (USA). Versions of Rust before 1.77.2 contain a security vulnerability caused by incorrect escaping of arguments passed to batch files on Windows; an attacker can bypass the escaping to execute arbitrary shell commands.
Readme
# CVE-2024-24576-Poc-Python
A quick PoC for the vulnerability disclosed here: https://flatt.tech/research/posts/batbadbut-you-cant-securely-execute-commands-on-windows/

After you run the script, it will ask for an argument to be passed to the BAT file.
In the screenshot you can see that by adding `"` the underlying API that Windows uses to call cmd can be escaped, allowing arbitrary command execution; in this case we opened calc.exe.
![image](https://github.com/brains93/CVE-2024-24567-PoC-Python/assets/60553334/9401ec38-5f9a-4032-a588-4fb11d6e84b2)


Obviously this code in itself is not malicious; it is just to demonstrate that even sanitized input (unless you remove all `"`s), if it is passed to a BAT file, could be abused in this way, possibly affecting public-facing web applications.
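Added example, not code from this PoC repository or from the original disclosure: a defender-side check that refuses to launch a batch file when an argument contains a double quote or other cmd.exe metacharacters, which is the conservative form of the "remove all `"`s" mitigation mentioned above. The rejected character set and the function names are my own assumptions for this illustration.

```python
import subprocess
from typing import Sequence

# Conservative set chosen for this example (an assumption, not taken from
# the PoC or an advisory): a double quote closes the quoted token when
# cmd.exe re-parses the command line of a .bat/.cmd file, after which the
# operator characters below become live; % triggers %VAR% expansion and
# CR/LF would start a new command line.
_CMD_METACHARS = frozenset('"&|<>^%\r\n')


def is_safe_bat_arg(arg: str) -> bool:
    """True only if arg contains none of the cmd.exe metacharacters above."""
    return not (_CMD_METACHARS & set(arg))


def unsafe_bat_args(args: Sequence[str]) -> list:
    """Return the subset of args that must not reach a .bat/.cmd file."""
    return [a for a in args if not is_safe_bat_arg(a)]


def run_batch(bat_path: str, args: Sequence[str]) -> subprocess.CompletedProcess:
    """Launch a batch file only when every argument passes the check.

    shell=True is not used, but on Windows CreateProcess still hands a
    .bat file to cmd.exe, so the list form alone does not protect you;
    the arguments are filtered before the call instead.
    """
    bad = unsafe_bat_args(args)
    if bad:
        raise ValueError(f"refusing to run {bat_path}: unsafe argument(s) {bad!r}")
    return subprocess.run([bat_path, *args], capture_output=True, text=True)
```

On a non-Windows host the filter still runs; only the final `subprocess.run` call is Windows-specific.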

Video walkthrough https://youtu.be/xjL4pdf7pJ0

WIP
There are other languages marked as having the same issues. I have tested Ruby, but it seems unaffected; I will be testing more to see where any issues lie.

Golang code still to be tested.
Ruby code seems unaffected by the same exploit path.

Credit:
* @Frostb1te for the Rust PoC https://github.com/frostb1ten/CVE-2024-24576-PoC
* RyotaK for the initial disclosure
File Snapshot

[4.0K] /data/pocs/94bb68605b5510e1a086cf2d1b267bf4b2f8b8dc
├── [ 513] 24576.go
├── [ 478] 24576.py
├── [ 416] 24576.rb
├── [1.2K] README.md
└── [  37] test.bat

0 directories, 5 files