CVE-2024-24576-PoC for Nim Lang

This is a POC for nim lang to apply the BatBadBut command injection vulnerability in Windows where attackers can inject commands via batch files due to the way the CreateProcess function and cmd.exe parsing rules interact.

Which nim versionis affected:

All

How to test it:

Use the main.nim to test it like this:

First test Double Qoute Escape

55" & calc 87" & whoami

2nd test

%CMDCMDLINE:~-1%&calc.exe