## https://sploitus.com/exploit?id=86031486-5B49-5020-B7D5-C36B91D22D6B
# CVE-2024-24576-Poc-Python
A quick POC for the vulnerability disclosed here https://flatt.tech/research/posts/batbadbut-you-cant-securely-execute-commands-on-windows/
After you run the script it will ask for an arg to be passed to the BAT file.
In the screenshot you can see that by adding " the underlying API that windows uses to call cmd can be escaped allowing for arbitrary command execution, in this case we opened calc.exe
![image](https://github.com/brains93/CVE-2024-24567-PoC-Python/assets/60553334/9401ec38-5f9a-4032-a588-4fb11d6e84b2)
Obviously this code in itself is not malicious this is just to demonstrate that even sanitized input (unless you remove all "s) if it is calling a BAT file could be abused in this way possibly affecting public facing web applications
Video walkthrough https://youtu.be/xjL4pdf7pJ0
WIP
There are other languages marked as having the same issues. I have tested Ruby but it seems unaffected I will be testing more to see where any issues lie
Golang code still to be tested.
Ruby code seems unaffected by the same exploit path
Credit:
* @Frostb1te for Rust POC https://github.com/frostb1ten/CVE-2024-24576-PoC
* RyotaK Initial Disclosure