CVE-2024-22734 PoC — AMCS Group Trux Waste Management Software 安全漏洞

Source

Associated Vulnerability

Description

Exploit POC for CVE-2024-22734 affecting AMCS Trux Software

Readme

# CVE-2024-22734  
**Exploit PoC for CVE-2024-22734**
![image](https://github.com/user-attachments/assets/573bf82e-e7b8-48bf-8d9d-231d5edb8f34)


This repository contains the exploit source Proof of Concept (PoC) for **CVE-2024-22734**, a vulnerability discovered by **Bryan Smith** of **Redline Cyber Security**. For detailed information about the vulnerability, please refer to our blog post: [CVE-2024-22734: Exploit POC Write-Up](https://www.redlinecybersecurity.com/blog/cve-2024-22734).

## Vulnerability Overview  
**CVE-2024-22734** is a critical security issue affecting **AMCS Trux Software** [https://www.amcsgroup.com/solutions/enterprise-management/trux/](https://www.amcsgroup.com/solutions/enterprise-management/trux/). This vulnerability allows a local attacker to decrypt the credentials of the master database account due to the use of **static hard-coded AES keys** in the application's DLL structures.

## Disclaimer  
This PoC is provided for **educational and research purposes only**. Use of this PoC against unauthorized systems is strictly prohibited and may violate laws or agreements. The authors are not responsible for misuse or damages.

File Snapshot

 [4.0K]  /data/pocs/f399e7c87a840be3b5e83ae7b4a7fb120ee1d154
├── [ 184]  App.config
├── [2.3K]  CVE-2024-22734.csproj
├── [1.1K]  CVE-2024-22734.sln
├── [1.0K]  LICENSE.txt
├── [6.1K]  Program.cs
├── [4.0K]  Properties
│   └── [1.2K]  AssemblyInfo.cs
└── [1.1K]  README.md

1 directory, 7 files

Remarks