CVE-2018-0802 icon indicating copy to clipboard operation
CVE-2018-0802 copied to clipboard

Published 20 hours ago verified publisher icon rxwx

Not working

Open roninAPT opened this issue 4 years ago • 2 comments

Hey so I use the python_packager .py script but it doesn’t work. When I open doc on target machine , it just opens word document, does not load calc.exe (which I included as a test .exe) just a small box appears on Word document, and sometimes with numbers 1111 beside the box. Any ideas what’s wrong? Opening on Word 2007, Windows 7

Update: I followed the directions to replace eqnedt32.exe , and now it seems to be working. It works with example.rtf very well, launches calc.exe perfectly. I tried with iexplore.exe, and I used a -d flag and it seemed to work, but iexplore.exe opened behind the Word document, and froze on open. Can you provide a deobfuscated code for example.rtf? I would like to know how you crafted that file and replace your calc.exe with another .exe

roninAPT avatar Feb 20 '21 00:02 roninAPT

Here’s a video of how the iexplorer.exe launches, behind the Word .rtf file, and freezes on launch. Is this working correctly? If the iexplorer.exe launches at all, is it considered working properly?

roninAPT avatar Feb 20 '21 02:02 roninAPT

https://user-images.githubusercontent.com/77648833/108580557-f8b58180-72f9-11eb-927d-17a147b40509.mov

roninAPT avatar Feb 20 '21 02:02 roninAPT