Exploit PoC for CVE-2024-22734
This repository contains the exploit source Proof of Concept (PoC) for CVE-2024-22734, a vulnerability discovered by Bryan Smith of Redline Cyber Security. For detailed information about the vulnerability, please refer to our blog post: CVE-2024-22734: Exploit POC Write-Up.
CVE-2024-22734 is a critical security issue affecting AMCS Trux Software https://www.amcsgroup.com/solutions/enterprise-management/trux/. This vulnerability allows a local attacker to decrypt the credentials of the master database account due to the use of static hard-coded AES keys in the application's DLL structures.
This PoC is provided for educational and research purposes only. Use of this PoC against unauthorized systems is strictly prohibited and may violate laws or agreements. The authors are not responsible for misuse or damages.