
CVE-2024-24576 PoC: Rust security vulnerability

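Related vulnerability
Title: Rust security vulnerability (CVE-2024-24576)
Description: Rust is a general-purpose, compiled programming language from the Mozilla Foundation (USA). Versions of Rust before 1.77.2 contain a security vulnerability that stems from arguments to batch files on Windows not being escaped correctly; an attacker can bypass the escaping to execute arbitrary shell commands.
Description
CVE-2024-24576 PoC for Nim Lang
Introduction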
**Exploring Command Injection Vulnerabilities in Windows with Nim**

* https://foxoman.hashnode.dev/exploring-command-injection-vulnerabilities-in-windows-with-nim?showSharer=true

Here's a summarized table based on the testing results from the Nim code experiments with different payloads:

| Payload                | execProcess_NoQuoteShell | execProcess_QuoteShell | execShellCmd |
|------------------------|--------------------------|------------------------|--------------|
| `nim &calc`            | Not Passed               | Not Passed             | Passed       |
| `nim" &calc`           | Passed                   | Not Passed             | Not Passed   |
| `%CMDCMDLINE:~-1%&calc`| Passed                   | Passed                 | Passed       |

"Passed" indicates the payload executed in a way that could potentially exploit the BatBadBut vulnerability, demonstrating the nuanced behavior of command execution methods in Nim in response to different types of inputs.


----

- CVE-2024-24576 PoC on GitHub: [https://github.com/frostb1ten/CVE-2024-24576-PoC](https://github.com/frostb1ten/CVE-2024-24576-PoC)
- Flatt Security Research article: [https://flatt.tech/research/posts/batbadbut-you-cant-securely-execute-commands-on-windows/](https://flatt.tech/research/posts/batbadbut-you-cant-securely-execute-commands-on-windows/)
File snapshot

```
[4.0K] /data/pocs/d2646d5cbfdd1cc6d3aa05642afab70d554a7062
├── [ 953] main.nim
├── [1.3K] README.md
└── [  37] test.bat

0 directories, 3 files
```