## Video Tutorial
[](https://www.youtube.com/watch?v=p6pslNlcFro)
# Windows Library File Creator (CVE-2025-24071/CVE-2025-24054 Demo)
A minimalistic Rust application that demonstrates the creation of Windows Library files (.library-ms) with configurable network paths.
## Overview
This project creates Windows Library Description (.library-ms) files that point to network shares. It's designed to demonstrate how the CVE-2025-24071 vulnerability can be exploited through GitHub Actions.
⚠️ **Educational Purposes Only**: This code is for security research and educational purposes only.
## How It Works
1. The application reads two environment variables:
- `IP_ADDRESS`: The network IP to include in the library file (defaults to 127.0.0.1)
- `FILE_NAME`: The name of the output file (defaults to "Increment")
2. It creates a .library-ms XML file with the specified network path (\\\\IP_ADDRESS\\shared)
3. GitHub Actions runs this code and uploads the generated file as an artifact
## GitHub Actions Workflow
The included workflow:
- Runs on manual trigger (workflow_dispatch)
- Sets up a Rust environment
- Executes the code with secrets as environment variables
- Uploads the generated .library-ms file as an artifact
## Usage
1. Fork this repository
2. Add the following secrets to your repository:
- `IP_ADDRESS`: Target IP address
- `FILE_NAME`: Output filename (without extension)
- `ARTIFACT_NAME`: Name for the uploaded artifact
3. Manually trigger the workflow from the Actions tab
## Disclaimer
This tool is provided for educational purposes to demonstrate a security vulnerability. Unauthorized use against systems without explicit permission is illegal and unethical.
## PATCH/FIX
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-24071
## References
https://research.checkpoint.com/2025/cve-2025-24054-ntlm-exploit-in-the-wild/
[4.0K] /data/pocs/9ccda6828948f2e45126669177b3521352d79f66
├── [ 158] Cargo.lock
├── [ 84] Cargo.toml
├── [1.9K] README.md
└── [4.0K] src
└── [1.0K] main.rs
1 directory, 4 files