POC详情: 9ccda6828948f2e45126669177b3521352d79f66

来源
https://github.com/pswalia2u/CVE-2025-24071_POC
关联漏洞
标题: Microsoft Windows File Explorer 信息泄露漏洞 (CVE-2025-24071)
描述:Microsoft Windows File Explorer是美国微软(Microsoft)公司的一个文件管理器应用程序。 Microsoft Windows File Explorer存在信息泄露漏洞。攻击者利用该漏洞可以获取敏感信息。以下产品和版本受到影响:Windows 10 Version 1809 for 32-bit Systems,Windows 10 Version 1809 for x64-based Systems,Windows Server 2019,Windows Server
介绍
## Video Tutorial
[![CVE-2025-24071 Demo](https://img.youtube.com/vi/p6pslNlcFro/0.jpg)](https://www.youtube.com/watch?v=p6pslNlcFro)

# Windows Library File Creator (CVE-2025-24071/CVE-2025-24054 Demo)

A minimalistic Rust application that demonstrates the creation of Windows Library files (.library-ms) with configurable network paths.

## Overview

This project creates Windows Library Description (.library-ms) files that point to network shares. It's designed to demonstrate how the CVE-2025-24071 vulnerability can be exploited through GitHub Actions.

⚠️ **Educational Purposes Only**: This code is for security research and educational purposes only.

## How It Works

1. The application reads two environment variables:
   - `IP_ADDRESS`: The network IP to include in the library file (defaults to 127.0.0.1)
   - `FILE_NAME`: The name of the output file (defaults to "Increment")

2. It creates a .library-ms XML file with the specified network path (\\\\IP_ADDRESS\\shared)

3. GitHub Actions runs this code and uploads the generated file as an artifact

## GitHub Actions Workflow

The included workflow:
- Runs on manual trigger (workflow_dispatch)
- Sets up a Rust environment
- Executes the code with secrets as environment variables
- Uploads the generated .library-ms file as an artifact

## Usage

1. Fork this repository
2. Add the following secrets to your repository:
   - `IP_ADDRESS`: Target IP address
   - `FILE_NAME`: Output filename (without extension)
   - `ARTIFACT_NAME`: Name for the uploaded artifact

3. Manually trigger the workflow from the Actions tab

## Disclaimer

This tool is provided for educational purposes to demonstrate a security vulnerability. Unauthorized use against systems without explicit permission is illegal and unethical.

## PATCH/FIX
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-24071

## References
https://research.checkpoint.com/2025/cve-2025-24054-ntlm-exploit-in-the-wild/
文件快照

 [4.0K]  /data/pocs/9ccda6828948f2e45126669177b3521352d79f66
├── [ 158]  Cargo.lock
├── [  84]  Cargo.toml
├── [1.9K]  README.md
└── [4.0K]  src
    └── [1.0K]  main.rs

1 directory, 4 files
神龙机器人已为您缓存
备注
    1. 建议优先通过来源进行访问。
    2. 如果因为来源失效或无法访问,请发送邮箱到 f.jinxu#gmail.com 索取本地快照(把 # 换成 @)。
    3. 神龙已为您对POC代码进行快照,为了长期维护,请考虑为本地POC付费,感谢您的支持。