CVE-2025-24035 PoC — Microsoft Windows Remote Desktop Services 安全漏洞

Source

https://github.com/MSeymenD/cve-2025-24035-rds-websocket-dos-test

Associated Vulnerability

Title:Microsoft Windows Remote Desktop Services 安全漏洞 (CVE-2025-24035)
Description:Microsoft Windows Remote Desktop Services是美国微软（Microsoft）公司的一个允许用户远程访问图形桌面和Windows应用程序的功能集合。 Microsoft Windows Remote Desktop Services存在安全漏洞。攻击者利用该漏洞可以远程执行代码。以下产品和版本受到影响：Windows 10 Version 1809 for 32-bit Systems,Windows 10 Version 1809 for x64-based Syst

Description

🛡️ Safe simulation for CVE-2025-24035 to test RD Gateway WebSocket handling with oversized headers.

Readme

# CVE-2025-24035 WebSocket Stress Test (Safe)

🚨 **DISCLAIMER**: This is NOT an exploit. This script is a simulation and should only be used for educational purposes in a safe lab environment.

## Purpose

This test sends a deliberately oversized WebSocket header to simulate a malformed request toward RD Gateway services (such as those affected by CVE-2025-24035).

## Legal

⚠️ Do not use this against systems without explicit authorization. Unauthorized use may be illegal.

## Usage

```bash
python3 test_abnormal_rds_websocket.py
```

Edit the IP address in the script according to your local lab setup.

File Snapshot


 [4.0K]  /data/pocs/bd701863f29668282182bc6d083dcc79dcb76123
├── [ 242]  LICENSE
├── [ 617]  README.md
└── [1.0K]  test_abnormal_rds_websocket.py

0 directories, 3 files

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).

3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.

Goal Reached Thanks to every supporter — we hit 100%!