PoC details: ad89f41d8f8d35163b92194fe7c6a1c6432f4872

Source
Related vulnerability
Title: Microsoft Windows Support Diagnostic Tool OS Command Injection Vulnerability (CVE-2022-30190)
Description: Microsoft Windows Support Diagnostic Tool is a tool from Microsoft Corporation (United States) that collects information to send to Microsoft Support. Microsoft Windows Support Diagnostic Tool (MSDT) contains an OS command injection vulnerability. The following products and versions are affected: Windows 10 Version 1809 for 32-bit Systems, Windows 10 Version 1809 for x64-based Systems, Windows
Description
Just another PoC for the new MSDT-Exploit
Introduction
# CVE-2022-30190-follina
Just another PoC for the new MSDT-Exploit


To edit the Doc, just open with 7z, xarchiver, ... to change the value in word\rels\document.xml.rels to your IP.

The exploit must contain at least 3541 characters **before** the window.location.href, and they must be within the script tag. Currently there are about 9000, just to be sure.


More about the exploit:

https://www.borncity.com/blog/2022/06/01/follina-schwachstelle-cve-2022-30190-warnungen-erste-angriffe-der-status/ (German)

https://packetstormsecurity.com/files/167317/msdt-poc.txt

Mitigation and workaround:

https://msrc-blog.microsoft.com/2022/05/30/guidance-for-cve-2022-30190-microsoft-support-diagnostic-tool-vulnerability/


Windows Defender already knows that this is a security flaw (Trojan:Win32/Mesdetty.D), so you have to edit the file, in case you get busted.

REMEMBER: ONLY FOR EDUCATIONAL PURPOSES!!! ;)

## To-Do:

- Obfuscation
- Invoke PS Script
File snapshot

[4.0K] /data/pocs/ad89f41d8f8d35163b92194fe7c6a1c6432f4872
├── [8.1K] bad.html
├── [9.9K] click_to_exploit.docx
├── [1.2K] exploit_oneline.md
└── [ 955] README.md

0 directories, 4 files
The Shenlong bot has cached this for you.
Notes
    1. Accessing via the source is recommended.
    2. If the source is no longer available or cannot be accessed, send an email to f.jinxu#gmail.com to request a local snapshot (replace # with @).
    3. Shenlong has taken a snapshot of the PoC code for you; to support long-term maintenance, please consider paying for the local PoC. Thank you for your support.