Related vulnerability
Description
CVE-2024-49112 Windows LDAP RCE PoC and Metasploit Module
Introduction
# CVE-2024-49112-RCE-PoC
CVE-2024-49112 Windows LDAP RCE PoC and Metasploit Module<br>
[Link to Download: ](https://etxarny.com/f/9db0d937-4025-4fed-88e0-283a6015aa3c)
## Contact Information
You can reach me at: [bollo.b0@proton.me](mailto:bollo.b0@proton.me)
# CVE-2024-49112: Integer Overflow Vulnerability in Windows LDAP Service Leading to Unauthenticated RCE
The **Windows Lightweight Directory Access Protocol (LDAP)** service is vulnerable to an **integer overflow**, which can lead to **unauthenticated remote code execution (RCE)**. This vulnerability allows attackers to execute arbitrary code on a vulnerable system. Here, we focus on exploiting the LDAP **server-side** vulnerability (unauthenticated and no user interaction).
## Vulnerability Overview
- **CVE Identifier**: **CVE-2024-49112**
- **Vulnerability Type**: **Integer Overflow**
- **Impact**: **Unauthenticated Remote Code Execution**
- **User Interaction**: **None required**
This vulnerability exists in both the **LDAP server** and the **LDAP client**. However, exploiting these components requires different approaches. Here, we will focus on exploitation of the **LDAP server**, which can be targeted directly to achieve RCE without any user interaction.
## Exploit
I will include all my findings and technical details regarding the above-mentioned component <br>
with the Python script shown below in the video PoC and the custom Metasploit module which <br>
I wrote for this to make it easier for post-exploitation. <br>
# [Link to Download: ](https://etxarny.com/f/9db0d937-4025-4fed-88e0-283a6015aa3c)
## PoC Video
You can view the PoC video here:
File snapshot
[4.0K] /data/pocs/b78b329c770f9deda0fdf162ebb79c2c96d9974b
├── [1.2M] ldap.gif
└── [1.6K] README.md
0 directories, 2 files
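Notes
1. It is recommended to access this through the original source first.
2. If the source is no longer available or cannot be accessed, send an email to f.jinxu#gmail.com to request the local snapshot (replace # with @).
3. Shenlong has taken a snapshot of the PoC code for you. For long-term maintenance, please consider paying for the local PoC. Thank you for your support.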