Windows SmartScreen Internet Shortcut (.url) Security Feature Bypass

This repository provides an exploit for CVE-2023-36025, a Windows SmartScreen Security Feature Bypass vulnerability. The main exploit is implemented in 'CVE-2023-36025.vbs', a VBScript file that launches a Python-based reverse shell. The script, when executed on a vulnerable Windows system, connects back to a specified attacker's IP address and TCP port (default: 172.27.136.131:8888), providing the attacker with a remote shell. The repository also includes a .url shortcut file pointing to the VBScript, and a README with usage instructions. The exploit requires the attacker to set up a reverse TCP handler (such as Metasploit's multi/handler) to receive the shell. The payload is operational and provides remote command execution on the target system. The repository is small, with three files: the exploit script, a shortcut, and documentation.

This repository is a proof-of-concept (PoC) for CVE-2023-36025, a vulnerability affecting Microsoft Windows. The repository contains a README describing the exploit and a .url file (testing.url) that references a script inside a ZIP archive via a file:// URL. The exploit demonstrates how a specially crafted .url file can be used to trigger the vulnerability when the referenced ZIP file is hosted on a server accessible to the victim. There is no executable code; the exploit relies on the victim opening the .url file, which then attempts to access and potentially execute a script from within the ZIP file. The repository is minimal and intended for demonstration and testing purposes only.