Description
Executes a remote exploitation technique against a target host. Supports SMBGhost (CVE-2020-0796), Follina document generation (CVE-2022-30190), IPv6 TCP/IP crash (CVE-2024-38063), and WSUS deserialization RCE (CVE-2025-59287).
Overview
Invokes a selected remote exploitation technique from the Reach library. Each technique implements a Check() phase that probes the target and an Execute() phase that fires the exploit. Results include CheckPassed and ExecuteSucceeded.
Arguments
| Parameter | Type | Mandatory | Description |
|---|---|---|---|
| Exploit | string | Yes | The CVE to invoke: CVE-2020-0796, CVE-2022-30190, CVE-2024-38063, or CVE-2025-59287. |
| Target | string | Yes | Target IP or hostname. For CVE-2022-30190, the output RTF file path. |
| Port | int | No | Override the technique’s default port (445, 8530, or 0). |
| Command | string | No | Command to run on the remote target (technique-dependent). |
Dependencies
- reach
Operating Systems
- Windows
Example Output
Name Value
---- -----
Exploit CVE-2025-59287
Target 192.168.1.50
CheckPassed True
ExecuteSucceeded True
{
"Exploit": "CVE-2025-59287",
"Target": "192.168.1.50",
"CheckPassed": true,
"ExecuteSucceeded": true
}