CVE-2024-30078

CVE-2024-30078 Detection and Command Execution Script

CVE-2024-30078 Detection and Command Execution Script This project contains a NASL script that detects the CVE-2024-30078 vulnerability and executes a specified command if the target is vulnerable The script is designed to work with the Nessus tool, automatically handling target IP addresses and ports provided by Nessus during a scan Cyber Security Consultant Alperen Ugurlu

CVE-2024-30078

CVE-2024-30078 Detection and Command Execution Script

CVE-2024-30078 Detection and Command Execution Script This project contains a NASL script that detects the CVE-2024-30078 vulnerability and executes a specified command if the target is vulnerable The script is designed to work with the Nessus tool, automatically handling target IP addresses and ports provided by Nessus during a scan Cyber Security Consultant Alperen Ugurlu

CVE_2024_30078_A_POC

edgedressing leverages a Windows "feature" in order to force a target's Edge browser to open. This browser is then directed to a URL of choice.

edgedressing One day while experimenting with airpwn-ng, I noticed unexpected GET requests on the target node The node in question happened to be a Windows 10 laptop and every time it would connect to the AP a GET request was made Using scapy I was able to make the Edge browser open up and proceed to a URL of my choosing upon connecting to a wireless access point NCSI fun