      itsMe

      Malicious docx generator to exploit CVE-2021-40444 (Microsoft Office Word Remote Code Execution)


      Creation of this Script is based on some reverse engineering over the sample used in-the-wild: 938545f7bbe40738908a95da8cdeabb2a11ce2ca36b0f6a74deda9378d380a52 (docx file)

      You need to install lcab first (sudo apt-get install lcab)

      Check REPRODUCE.md for manual reproduce steps

      If your generated cab is not working, try pointing out exploit.html URL to calc.cab

      Finally try the docx in a Windows Virtual Machine:


      • Similar Content

        • By itsMe

          A tool for generating fake code signing certificates or signing real ones.
          A tool which creates spoof code signing certificates and signs binaries and DLL files to help evade EDR products and avoid MSS and SOC scrutiny. LimeLighter can also use valid code signing certificates to sign files. LimeLighter can use a fully qualified domain name such as acme.com.
        • By itsMe

          Huan is an encrypted PE Loader Generator that I developed for learning PE file structure and PE loading processes. It encrypts the PE file to be run with different keys each time and embeds it in a new section of the loader binary. Currently, it works on 64 bit PE files.
        • By itsMe

          LazyCSRF
          LazyCSRF is a more useful CSRF PoC generator that runs on Burp Suite.
          Motivation
          Burp Suite is an intercepting HTTP Proxy, and it is the de facto tool for performing web application security testing. The feature of Burp Suite that I like the most is Generate CSRF PoC. However, it does not support JSON parameters. It also uses the <form>, so it cannot send PUT/DELETE requests. In addition, multibyte characters that can be displayed in Burp Suite itself are often garbled in the generated CSRF PoC. Those were the motivations for creating LazyCSRF.
          Features
              Support JSON parameter (like a request to the API)
              Support PUT/DELETE (only works with CORS enabled with an unrestrictive policy)
              Support displaying multibyte characters (like Japanese)
              Generating CSRF PoC with Burp Suite Community Edition (of course, it also works in Professional Edition)
          The difference in the display of multibyte characters
          The following image shows the difference in the display of multibyte characters between Burp’s CSRF PoC generator and LazyCSRF. LazyCSRF can generate PoC for CSRF without garbling multibyte characters. This is only the case if the characters are not garbled on Burp Suite.

        • By Nikoxx99
          Does someone have the torrent for the Twitch source code leaked in recent days?
        • By itsMe

          CHAOS is a free and open-source Remote Administration Tool that allows generating binaries to control remote operating systems.
          Features
          Feature          [hidden]   [hidden]
          Reverse Shell    X          X
          Download File    X          X
          Upload File      X          X
          Screenshot       X          X
          File Explorer    X          X
          Get OS Info      X          X
          Run Hidden       X
          Restart          X          X
          Shutdown         X          X
          Disclaimer
          THIS SOFTWARE IS PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND. YOU MAY USE THIS SOFTWARE AT YOUR OWN RISK. THE USE IS COMPLETE RESPONSIBILITY OF THE END-USER. THE DEVELOPERS ASSUME NO LIABILITY AND ARE NOT RESPONSIBLE FOR ANY MISUSE OR DAMAGE CAUSED BY THIS PROGRAM.

