CVE-2023-38146 with Impacket SMBServer

On a recent CTF machine, I had to exploit the Windows 11 ThemeBleed vulnerability (https://github.com/gabe-k/themebleed) for which at that time only one PoC existed that only ran under Windows. This was a pain for me because I hadn’t installed the required VPN on Windows. And as I’m interested in learning new stuff, I decided to dive into this. It can’t be too hard, right? TL;DR https://github.com/Jnnshschl/CVE-2023-38146/ 1 2 3 4 5 6 7 8 9 10 11 git clone https://github....

October 20, 2023 Â· Jannis