## https://sploitus.com/exploit?id=55CC1D70-E983-5D6D-9E67-BFAF90205E7B
# CVE-2025-59287-WSUS
powershell version of hawktrace POC exploit
https://hawktrace.com/blog/CVE-2025-59287-UNAUTH
1: edit the variables in the script (url, port, etc)
2: start netcat listener
3: run script - it will auto download ysoserial.net, generate the payload and send exploit to WSUS server
this will generate a new computer in your console named hawktrace.local
4: (re)open the WSUS console to trigger the exploit.
the console will run into an error
but this triggers the reverse shell and connect you your kali:
# Testing / Infos
tested on (unpatched) server 2022, wsus version 10.0.20348.1
use at your own risk. no support, no guarantees.