CVE-2023-38146

This repository contains a functional proof-of-concept exploit for CVE-2023-38146 (ThemeBleed), which leverages a vulnerability in Windows theme files to achieve remote code execution. The PoC includes a server component and tools to generate malicious .theme and .themepack files, along with staged payloads to bypass signature checks.

This repository contains a functional exploit for CVE-2023-38146 (ThemeBleed), which leverages a vulnerability in Windows 11 theme files to achieve remote code execution. The exploit includes a Python-based SMB server that dynamically replaces a legitimate DLL with a malicious one, and a C++ reverse shell template for payload delivery.

This repository contains a Python-based proof-of-concept exploit for CVE-2023-38146 (ThemeBleed), which leverages unsafe DLL loading in Windows theme files. The exploit uses an SMB server to serve malicious files, leading to remote code execution when a vulnerable system processes a crafted .theme file.

This Metasploit module exploits CVE-2023-38146, a TOCTOU vulnerability in Windows 11 theme handling, by serving a malicious DLL via SMB when a theme file references an msstyles file with PACKME_VERSION set to 999.