Windows TCP/IP - RCE Checker and Denial of Service

Ryan Achmad
soc & sysadmin

Windows TCP/IP - RCE Checker and Denial of Service (CVE-2024-38063)

Description

This script checks for and exploits a Remote Code Execution (RCE) and Denial-of-Service (DoS) vulnerability in the Windows TCP/IP stack, specifically targeting IPv6 fragmentation handling. It is designed to verify if a system is vulnerable to CVE-2024-38063 and, if desired, trigger a system crash (BSOD).

Details

  • Exploit Title: Windows IPv6 CVE-2024-38063 Checker and Denial-Of-Service
  • Date: August 7, 2024
  • Exploit Author: Photubias
  • Vendor Homepage: Microsoft
  • Vendor Advisory: CVE-2024-38063
  • Affected Versions:
    • Windows 10, 11 versions below 10.0.26100.1457
    • Windows Server 2016, 2019, 2022 versions below 10.0.17763.6189
  • Tested on:
    • Windows 11 23H2
    • Windows Server 2022

Features

  • Automatically detects network adapters and selects the appropriate interface.
  • Attempts to retrieve the target’s MAC address via IPv6 Neighbor Solicitation.
  • Sends a sequence of specially crafted fragmented IPv6 packets to corrupt memory in tcpip.sys.
  • Detects if the target is vulnerable before executing the DoS attack.
  • If exploited successfully, the target system will crash (BSOD) within 60 seconds.
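A defender-side complement to the features above, as an added example that is not part of the Photubias script or the original post: a pure-Python parser that finds IPv6 Fragment headers in raw packets and counts them per source, since fragmented IPv6 is uncommon on most networks. The function names, the threshold of 3 and the fe80::a / fe80::b / fe80::2 sample packets are constructed assumptions.

```python
import ipaddress
import struct
from collections import Counter

SKIPPABLE = {0, 43, 60}   # Hop-by-Hop, Routing, Destination Options (RFC 8200)
FRAGMENT = 44             # IPv6 Fragment extension header

def parse_fragment(pkt: bytes):
    """Return (src_bytes, frag_id, offset_bytes, more_flag) for an IPv6 fragment, else None."""
    if len(pkt) < 40 or pkt[0] >> 4 != 6:
        return None
    nxt, pos = pkt[6], 40
    while nxt in SKIPPABLE:                   # walk headers that may precede the Fragment header
        if pos + 8 > len(pkt):
            return None                       # truncated extension header
        nxt, hdr_len = pkt[pos], pkt[pos + 1]
        pos += (hdr_len + 1) * 8              # length field counts 8-octet units after the first
    if nxt != FRAGMENT or pos + 8 > len(pkt):
        return None
    off_flags, frag_id = struct.unpack_from("!HI", pkt, pos + 2)
    return pkt[8:24], frag_id, off_flags & 0xFFF8, bool(off_flags & 1)

def fragment_sources(packets, threshold=3):
    """Map source address -> fragment count, for sources at or above threshold (assumed value)."""
    counts = Counter()
    for pkt in packets:
        frag = parse_fragment(pkt)
        if frag:
            counts[str(ipaddress.IPv6Address(frag[0]))] += 1
    return {src: n for src, n in counts.items() if n >= threshold}

def build(src, frag_id, offset, more, hop=False):
    """Constructed sample packet (not a capture): IPv6 [+ Hop-by-Hop] + Fragment + 8 bytes."""
    frag = struct.pack("!BBHI", 17, 0, offset | int(more), frag_id) + b"\x00" * 8
    ext = struct.pack("!BB6x", FRAGMENT, 0) if hop else b""
    hdr = struct.pack("!IHBB", 6 << 28, len(ext) + len(frag), 0 if hop else FRAGMENT, 64)
    addrs = ipaddress.IPv6Address(src).packed + ipaddress.IPv6Address("fe80::2").packed
    return hdr + addrs + ext + frag

SAMPLE = [  # constructed input, all addressed to fe80::2
    build("fe80::a", 0x1234, 0, True),
    build("fe80::a", 0x1234, 8, True, hop=True),
    build("fe80::a", 0x1234, 16, False),
    build("fe80::b", 1, 0, False),
]

if __name__ == "__main__":
    for src, n in fragment_sources(SAMPLE).items():
        print(f"{src} sent {n} IPv6 fragments")
```

To use it on real traffic, pass the function raw IPv6 packets (link-layer header stripped) from a capture; the threshold should be tuned to the network's normal fragment volume.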

Requirements

  • Python 3
  • Scapy (pip install scapy)

Usage

python3 exploit.py <TARGET_IPV6>

Example:

python3 exploit.py fe80::78b7:6283:49ad:c565

If no target IPv6 is provided, the script uses a default placeholder.

Steps:

  1. Run the script to check if the target is vulnerable.
  2. If vulnerable, you can proceed with the Denial-of-Service attack.
  3. The target system should crash within exactly 60 seconds after packet transmission.

Disclaimer

⚠️ This exploit is intended for educational and security research purposes only.
Do not use it on unauthorized systems. Unauthorized use may violate laws and regulations.

Reference and Script