关联漏洞
描述
Exploit POC for CVE-2024-22734 affecting AMCS Trux Software
介绍
# CVE-2024-22734
**Exploit PoC for CVE-2024-22734**
This repository contains the exploit source Proof of Concept (PoC) for **CVE-2024-22734**, a vulnerability discovered by **Bryan Smith** of **Redline Cyber Security**. For detailed information about the vulnerability, please refer to our blog post: [CVE-2024-22734: Exploit POC Write-Up](https://www.redlinecybersecurity.com/blog/cve-2024-22734).
## Vulnerability Overview
**CVE-2024-22734** is a critical security issue affecting **AMCS Trux Software** [https://www.amcsgroup.com/solutions/enterprise-management/trux/](https://www.amcsgroup.com/solutions/enterprise-management/trux/). This vulnerability allows a local attacker to decrypt the credentials of the master database account due to the use of **static hard-coded AES keys** in the application's DLL structures.
## Disclaimer
This PoC is provided for **educational and research purposes only**. Use of this PoC against unauthorized systems is strictly prohibited and may violate laws or agreements. The authors are not responsible for misuse or damages.
文件快照
[4.0K] /data/pocs/f399e7c87a840be3b5e83ae7b4a7fb120ee1d154
├── [ 184] App.config
├── [2.3K] CVE-2024-22734.csproj
├── [1.1K] CVE-2024-22734.sln
├── [1.0K] LICENSE.txt
├── [6.1K] Program.cs
├── [4.0K] Properties
│ └── [1.2K] AssemblyInfo.cs
└── [1.1K] README.md
1 directory, 7 files
备注
1. 建议优先通过来源进行访问。
2. 如果因为来源失效或无法访问,请发送邮箱到 f.jinxu#gmail.com 索取本地快照(把 # 换成 @)。
3. 神龙已为您对POC代码进行快照,为了长期维护,请考虑为本地POC付费,感谢您的支持。