iriecolorado
commented
2 years ago Isn't this a POC for a Windows/Office RCE vulnerability?
Closed iriecolorado closed 2 years ago
iriecolorado
commented
2 years ago Isn't this a POC for a Windows/Office RCE vulnerability?
chvancooten
commented
2 years ago It should work on Windows, that's how I developed and tested it. It looks like it's not finding one of the template files, did you clone the entire repository before running? In your case the file C:\TEMP\src\document.xml.rels.tpl should exist for the script to work.
rvshu13
commented
2 years ago AV treats template file as a threat (CVE-2021-40444) - that's why you get this error. Disabling AV solved this issue for me.
chvancooten
commented
2 years ago Thanks for the answer @rvshu13, that would explain it indeed. AV evasion is explicitly not part of this PoC, so I will close this issue :)
Traceback (most recent call last): File "C:\TEMP\follina.py", line 23, in
with open("src/document.xml.rels.tpl", "r") as f:
FileNotFoundError: [Errno 2] No such file or directory: 'src/document.xml.rels.tpl'
Am I missing something beyond the python3 .\follina.py needed to execute this?