当前位置:网站首页>Cve-2017-11882 reappearance
Cve-2017-11882 reappearance
2022-07-06 00:42:00 【*——*】
preparation :
Need to download CVE_2017-11882 test exp
https://github.com/Ridter/CVE-2017-11882/archive/refs/heads/master.zip
metasploit Under no CVE_2017-11882 Modules need to be downloaded and supplemented
GitHub - 0x09AL/CVE-2017-11882-metasploit: This is a Metasploit module which exploits CVE-2017-11882 using the POC released here : https://embedi.com/blog/skeleton-closet-ms-office-vulnerability-you-didnt-know-about.https://github.com/0x09AL/CVE-2017-11882-metasploit
Move the file to the corresponding directory
mv cve-2017-11882.rtf /usr/share/metasploit-framework/data/exploits
mv cve_2017_11882.rb /usr/share/metasploit-framework/modules/exploits/windows/smb
And then restart postgresql service , start-up msf, Search for cve_2017_11882 modular
If there is no prompt, use reload_all Reload all modules
Search again to see the module appear
Recurrence environment :
win 10 Drone aircraft :192.168.1.11
kali virtual machine :192.168.1.10
Repeat step :
1、 To look at first word Whether the function is complete , If it is incomplete, you need to download it again office Installation
Insert the following object , See if there is a formula 3.0,
2、 Double click to open the just downloaded CVE_2017-11882 test exp Inside exploit.rtf You can open the calculator
3、 Use scripts to generate vulnerability documents
IP Address for yourself kali Address
4、 Here we need to pay attention to IP Address and uri Keep the path consistent with the next step
5、 stay kali Input run monitor , At the same time win10 Double click on the vulnerability document ,kali Online host , Review complete
Download the required files
link :https://pan.baidu.com/s/1rTmlbeKVuxNX0I7wEFuHLg
Extraction code :7exk
边栏推荐
- MCU realizes OTA online upgrade process through UART
- The third season of ape table school is about to launch, opening a new vision for developers under the wave of going to sea
- [Chongqing Guangdong education] reference materials for Zhengzhou Vocational College of finance, taxation and finance to play around the E-era
- [groovy] XML serialization (use markupbuilder to generate XML data | create sub tags under tag closures | use markupbuilderhelper to add XML comments)
- Reading notes of the beauty of programming
- Spark获取DataFrame中列的方式--col,$,column,apply
- About the slmgr command
- Anconda download + add Tsinghua +tensorflow installation +no module named 'tensorflow' +kernelrestart: restart failed, kernel restart failed
- 《强化学习周刊》第52期:Depth-CUPRL、DistSPECTRL & Double Deep Q-Network
- 新手入门深度学习 | 3-6:优化器optimizers
猜你喜欢
Starting from 1.5, build a micro Service Framework - call chain tracking traceid
Date类中日期转成指定字符串出现的问题及解决方法
[EI conference sharing] the Third International Conference on intelligent manufacturing and automation frontier in 2022 (cfima 2022)
MCU通过UART实现OTA在线升级流程
Analysis of the combination of small program technology advantages and industrial Internet
Keepalive component cache does not take effect
notepad++正则表达式替换字符串
Problems and solutions of converting date into specified string in date class
MCU realizes OTA online upgrade process through UART
Atcoder beginer contest 258 [competition record]
随机推荐
Data analysis thinking analysis methods and business knowledge -- analysis methods (II)
Introduction of motor
数据分析思维分析方法和业务知识——分析方法(三)
curlpost-php
A preliminary study of geojson
Lone brave man
数据分析思维分析方法和业务知识——分析方法(二)
[groovy] JSON serialization (jsonbuilder builder | generates JSON string with root node name | generates JSON string without root node name)
STM32 key chattering elimination - entry state machine thinking
FFmpeg抓取RTSP图像进行图像分析
Curlpost PHP
Leetcode:20220213 week race (less bugs, top 10% 555)
OS i/o devices and device controllers
《强化学习周刊》第52期:Depth-CUPRL、DistSPECTRL & Double Deep Q-Network
【文件IO的简单实现】
Codeforces round 804 (Div. 2) [competition record]
OpenCV经典100题
从 1.5 开始搭建一个微服务框架——调用链追踪 traceId
How spark gets columns in dataframe --column, $, column, apply
Synchronized and reentrantlock