CVE-2023-38146

Published: 12/09/2023 | Updated: 05/01/2024
CVSS v3 Base Score: 8.8 | Impact Score: 5.9 | Exploitability Score: 2.8
VMScore: 0

Vulnerability Summary

Windows Themes Remote Code Execution Vulnerability

Vulnerable Product

microsoft windows 11 22h2

microsoft windows 11 21h2

Exploits

When an unpatched Windows 11 host loads a theme file referencing an msstyles file, Windows loads the msstyles file, and if that file's PACKME_VERSION is 999, it then attempts to load an accompanying dll file ending in _vrf.dll. Before loading that file, it verifies that the file is signed. It does this by opening the file for reading and verifying ...

Github Repositories

PoC for the ThemeBleed Windows 11 CVE-2023-38146 written in python using impacket

PoC for the ThemeBleed CVE-2023-38146 exploit (Windows 11 Themes). Heavily inspired by github.com/gabe-k/themebleed, which only runs on Windows (the reason why I decided to write this). Used modified code from the impacket smbserver.py (github.com/fortra/impacket/blob/master/impacket/smbserver.py). Useful stuff: github.com/TalAloni/SMBLibrary/blob/master/SM

My HTB Writeups

HTB_Writeups. My HTB Writeups, some in ENG and others in PT-BR. Some writeups don't have a writeup, they only have a reference writeup. Windows Machines Machine Resume Tools or Techniques Difficulty Absolute nmap, netexec, exiftool, john rules, kerbrute, impacket-GetNPUsers, john, impacket-getTGT, impacket-smbclient, bloodhound-python, bloodhound, impacket-owneredit,

Reverse shell I used in combination with the ThemeBleed exploit.

ThemeBleed Reverse Shell DLL. Example reverse shell DLL I used in combination with the ThemeBleed exploit (github.com/Jnnshschl/CVE-2023-38146) in a CTF. Some functions will be loaded at runtime using my RTFN stuff, this makes analysis of this shell a big pain for reverse engineers. Make sure to build as "Release" and adjust these vars to your need: constexpr a

Proof-of-Concept for CVE-2023-38146 ("ThemeBleed")

ThemeBleed. Proof-of-Concept for CVE-2023-38146 ("ThemeBleed"). Usage: ThemeBleed.exe <command>. Commands: server - Runs the server; make_theme <host> <output path> - Generates a theme file referencing the specified host; make_themepack <host> &l

A proof of concept using python for the CVE-2023-38146 "ThemeBleed"

A huge thanks to gabe_k for the initial PoC in C#, and actually finding this CVE, this is a remake of his code in Python, reusing his stage files. To see the initial PoC view his page for it here: github.com/gabe-k/themebleed. ThemeBleedPy: A proof of concept using Python for the CVE-2023-38146 "ThemeBleed". Requirements: This program uses Impacket's SMB server a