Malicious docx generator to exploit CVE-2021-40444 (Microsoft Office Word Remote Code Execution)


CVE-2021-40444 PoC

This script was created by reverse engineering the sample used in the wild: 938545f7bbe40738908a95da8cdeabb2a11ce2ca36b0f6a74deda9378d380a52 (docx file)

You need to install lcab first (sudo apt-get install lcab)

Check REPRODUCE.md for manual reproduction steps

If your generated cab is not working, try pointing the exploit.html URL to calc.cab

Using

First ge…


The post Malicious docx generator to exploit CVE-2021-40444 (Microsoft Office Word Remote Code Execution) first appeared on Blue Team News.
