CVE-2024-42049

This exploit manipulates the TightVNC control pipe to execute commands such as disconnecting clients, shutting down the server, or retrieving server configuration, including encrypted passwords which are then decrypted using a hardcoded DES key.

This repository contains a functional PoC exploit for CVE-2024-42049, targeting TightVNC Server for Windows. The exploit interacts with named pipes to execute commands such as disconnecting clients, retrieving server info, and decrypting passwords from server configurations.