PoC details: 60a0c90503f8d98c286977181260a4339dc17177

Source
Related vulnerability
Title: Microsoft Lightweight Directory Access Protocol input validation error vulnerability (CVE-2024-49112)
Description: Microsoft Lightweight Directory Access Protocol (LDAP) is a directory service protocol from Microsoft (US) that runs in a layer above the TCP/IP stack. Microsoft LDAP contains an input validation error vulnerability; an attacker who exploits it can execute code remotely. The following products and versions are affected: Windows 10 Version 1607 for 32-bit Systems, Windows 10 Version 1607
Description
CVE-2024-49112 LDAP RCE PoC and Metasploit Module
Introduction
# CVE-2024-49112-PoC
CVE-2024-49112 LDAP RCE PoC and Metasploit Module
[Download link](https://etxarny.com/f/072b4a1d-5dc3-4a69-be74-184f7c8fcc9b)

## Contact Information
You can reach me at: [bollo.b0@proton.me](mailto:bollo.b0@proton.me)
Please don't ask me whether I can provide this for free, whether I can test your target, or how to add the module to Metasploit (Google it, please).
What I can offer:
If you need help setting up the Python version, I can guide you.
If you need help with the analysis, I can answer your questions about it via email.


# CVE-2024-49112: Integer Overflow Vulnerability in Windows LDAP Service Leading to Unauthenticated RCE

The **Windows Lightweight Directory Access Protocol (LDAP)** service is vulnerable to an **integer overflow** that can lead to **unauthenticated remote code execution (RCE)**, allowing an attacker to execute arbitrary code on a vulnerable system. This write-up focuses on exploiting the **server-side** LDAP vulnerability, which requires no authentication and no user interaction.

## Vulnerability Overview
- **CVE Identifier**: **CVE-2024-49112**
- **Vulnerability Type**: **Integer Overflow**
- **Impact**: **Unauthenticated Remote Code Execution**
- **User Interaction**: **None required**

This vulnerability exists in both the **LDAP server** and the **LDAP client**, but exploiting the two components requires different approaches. Here we focus on the **LDAP server**, which can be targeted directly to achieve RCE without any user interaction.
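The README names the bug class (an integer overflow in length handling that ends in memory corruption) but does not say where the overflow sits in the LDAP service or how it is triggered, so the following is an added illustration of the class only. It is not code from this repository, from the author's scripts, or from the Windows LDAP service. The message layout, the length values and the 1024-byte input size are constructed for the example; the point is how a 32-bit sum of attacker-supplied lengths wraps to a small value, and what the bounded check that prevents it looks like.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Constructed input: element lengths as a parser would read them from a
 * length-prefixed message. The "hostile" list is built so the 32-bit sum
 * wraps: 0xFFFFFFF0 + 0x20 = 0x1_0000_0010, which truncates to 0x10 (16). */
const uint32_t BENIGN_LENS[2]  = { 100u, 200u };
const uint32_t HOSTILE_LENS[2] = { 0xFFFFFFF0u, 0x20u };
#define N_LENS 2
#define INPUT_AVAILABLE 1024u   /* bytes actually present in the message (assumed) */

/* Vulnerable pattern: accumulate attacker-controlled lengths in a 32-bit
 * counter with no wraparound check. The wrapped total looks small and is then
 * used to size a buffer that the per-element copies (sized by the original
 * lengths) overrun. */
uint32_t total_len_unchecked(const uint32_t *lens, size_t n) {
    uint32_t total = 0;
    for (size_t i = 0; i < n; i++) {
        total += lens[i];          /* wraps silently on overflow */
    }
    return total;
}

/* Hardened pattern: bound every element by the bytes that remain in the
 * input. Because total <= avail holds after every accepted element,
 * avail - total never underflows, and a wrap is impossible by construction.
 * Returns the total, or -1 if the declared lengths are inconsistent. */
long long total_len_checked(const uint32_t *lens, size_t n, uint32_t avail) {
    uint32_t total = 0;
    for (size_t i = 0; i < n; i++) {
        if (lens[i] > avail - total) {
            return -1;             /* declared length exceeds remaining input */
        }
        total += lens[i];
    }
    return (long long)total;
}

int main(void) {
    printf("benign  unchecked=%u checked=%lld\n",
           total_len_unchecked(BENIGN_LENS, N_LENS),
           total_len_checked(BENIGN_LENS, N_LENS, INPUT_AVAILABLE));
    printf("hostile unchecked=%u checked=%lld\n",
           total_len_unchecked(HOSTILE_LENS, N_LENS),
           total_len_checked(HOSTILE_LENS, N_LENS, INPUT_AVAILABLE));
    return 0;
}
```

The hostile list is rejected by the checked version even when `avail` is set to `UINT32_MAX`, because the second element would push the running total past what remains; the check catches the wrap itself, not just oversize input.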


## Exploit
I will include all my findings and technical details about the component described above, together with the Python script shown in the PoC video and the custom Metasploit module I wrote for it to make post-exploitation easier.
[Download link](https://etxarny.com/f/072b4a1d-5dc3-4a69-be74-184f7c8fcc9b)

## PoC Video
You can view the PoC video here:
![Watch the PoC](ldap.gif)

File snapshot

```
[4.0K] /data/pocs/60a0c90503f8d98c286977181260a4339dc17177
├── [ 348] CVE-2024-49112.rb
├── [1.2M] ldap.gif
├── [ 359] ldapwin.py
└── [1.9K] README.md

0 directories, 4 files
```

Note that the two scripts in the snapshot are small (348 and 359 bytes); the full findings and module are distributed through the author's download link above, not through this snapshot.

The Shenlong bot has cached this for you.
Notes
    1. Prefer accessing the PoC through the original source.
    2. If the source is gone or unreachable, email f.jinxu#gmail.com (replace # with @) to request the local snapshot.
    3. Shenlong has snapshotted the PoC code for you; to support long-term maintenance, please consider paying for the local PoC. Thank you for your support.