CVE-2024-43451

CVE-2024-43451 is actively exploited and listed in the CISA Known Exploited Vulnerabilities (KEV) catalog, added November 12, 2024, with confirmed use in ransomware campaigns. EIP tracks 1 public exploit from researchers including RonF98.

AI-analyzed exploit summary This repository provides a detailed technical writeup on CVE-2024-43451, a vulnerability in Microsoft Windows that allows attackers to capture NTLMv2 password hashes via SMB connections. It includes a step-by-step guide on setting up a POC environment using Responder and creating a malicious URL file to exploit the vulnerability.

NTLM Hash Disclosure Spoofing Vulnerability