Share
## https://sploitus.com/exploit?id=CB0C3D64-CDBD-55A3-929D-15A63AD066F3
# CVE-2024-24576-PoC-BatBadBut

PoC for CVE-2024-24576 vulnerability "BatBadBut"

## Information

After running the script will ask you for an argument, the argument will be passed the the bat file, if you close the argument with " and after that & you can run any Windows command.
For example:
```cmd
helloworld" & whoami
```

As a result, you will get the whoami command.

Of course in real time it would not look like that, this is just PoC for the CVE.

## Usage

Clone the repository:
``` cmd
git clone https://github.com/SheL3G/CVE-2024-24576-PoC-BatBadBut.git
```

Running the script:
```py
Python CVE-2024-24576.py
```
To make it work type something close with " and then "&" and any command like calc.exe, hostname, whoami...
```cmd
HelloWorld" & hostname
```
The Flow of the CVE and the possible way to make it work
![Flow](https://flatt.tech/research/batbadbut-you-cant-securely-execute-commands-on-windows/flowchart.svg)

## Credits

* [NIST](https://nvd.nist.gov/vuln/detail/CVE-2024-24576)

* [flatt.tech](https://flatt.tech/research/posts/batbadbut-you-cant-securely-execute-commands-on-windows/)

* [Mental Outlow](https://www.youtube.com/watch?v=jqsoSmOBFrQ)

## License

[MIT](https://choosealicense.com/licenses/mit/)