## https://sploitus.com/exploit?id=B30F4762-572C-5D0B-95DC-CF651DDAB16B
# CVE-2024-30088: WinRM Adapted PoC
## Summary
This is a modified version of the original CVE-2024-30088 exploit, adapted to work in **non-interactive environments (WinRM)**.
The original PoC spawns an interactive `cmd.exe`, which does not work over WinRM.
This version focuses on **non-interactive execution and stability**.
---
## Changes from Original PoC
* Replaced `CREATE_NEW_CONSOLE` with `CREATE_NO_WINDOW`
* Added `WaitForSingleObject()` to ensure synchronous execution
* Added verbose logging (`printf` + `fflush`) for visibility over WinRM
* Removed interactive pauses (`getchar`)
* Hardcoded execution of external binary:
```
C:\temp\shellz.exe
```
via PowerShell:
```
powershell.exe -c Start-Process C:\temp\shellz.exe
```
---
## Compile
Using Visual Studio (x64):
```bash
msbuild poc.sln /p:Configuration=Release /p:Platform=x64
```
---
## Usage
Upload the compiled binary and execute via WinRM:
```powershell
.\poc.exe
```
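A detection-side view of the behaviour described above, as an added example that is not part of the original PoC or this repository: it flags a binary run from a staging directory inside a WinRM session, and a `powershell.exe` command line that uses `Start-Process` on a staged executable. The event field names, the staging-directory list and the sample events (including the assumption that `poc.exe` was uploaded to `C:\temp`) are constructed for illustration.

```python
import re
from pathlib import PureWindowsPath

# Assumed attacker-writable staging directories; tune per environment.
STAGING_DIRS = (r"c:\temp", r"c:\windows\temp", r"c:\users\public")
WINRM_HOST = "wsmprovhost.exe"  # host process for WinRM remote sessions
START_PROCESS = re.compile(
    r"start-process\s+(?:-filepath\s+)?['\"]?([a-z]:\\[^'\"\s]+\.exe)", re.I)

# Constructed process-creation events (fields modelled loosely on Sysmon Event ID 1).
EVENTS = [
    {"guid": "A", "parent_guid": "0", "cmdline": "wsmprovhost.exe -Embedding",
     "image": r"C:\Windows\System32\wsmprovhost.exe"},
    {"guid": "B", "parent_guid": "A", "cmdline": r".\poc.exe",
     "image": r"C:\temp\poc.exe"},  # upload path is an assumption
    {"guid": "C", "parent_guid": "not-in-sample",
     "cmdline": r"powershell.exe -c Start-Process C:\temp\shellz.exe",
     "image": r"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe"},
    {"guid": "D", "parent_guid": "A", "cmdline": "powershell.exe -c Get-Service WinRM",
     "image": r"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe"},
]

def in_staging(path):
    return any(path.lower().startswith(d + "\\") for d in STAGING_DIRS)

def winrm_descendant(event, by_guid):
    """Walk the parent chain; True if a WinRM host process is an ancestor."""
    seen = set()
    while event and event["guid"] not in seen:  # 'seen' guards against loops
        seen.add(event["guid"])
        if PureWindowsPath(event["image"]).name.lower() == WINRM_HOST:
            return True
        event = by_guid.get(event["parent_guid"])
    return False

def detect(events):
    by_guid = {e["guid"]: e for e in events}
    alerts = []
    for e in events:
        if in_staging(e["image"]) and winrm_descendant(e, by_guid):
            alerts.append((e["guid"], "staged binary run from WinRM session"))
        is_ps = PureWindowsPath(e["image"]).name.lower() == "powershell.exe"
        m = START_PROCESS.search(e["cmdline"]) if is_ps else None
        if m and in_staging(m.group(1)):
            alerts.append((e["guid"], "PowerShell Start-Process of staged binary"))
    return alerts

if __name__ == "__main__":
    print(*detect(EVENTS), sep="\n")
```

The second rule does not depend on the parent of `powershell.exe`, so it still fires when the parent event is missing from the collected data, as with event `C` in the sample.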
---