.+===================================================+.
|| ||
|| _ _--""--_ .doc + email + ??? = profit! ||
|| " --"" | | .+---+. ||
|| " . _| | | | \o/ ---> (+) |---> [+] ||
|| _ | _--""--_| | || |---> [?] ||
|| " --"" | | | \o/ ---> (-) /---> [#] ||
|| " . _| | | | || \---> [#] ||
|| _ | _--""--_| +-----+-+-----------------+-+||
|| " --"" Dropper of your nightmares ||
|| ||
`+===================================================+`
# Exploit toolkit CVE-2017-0199 - v3.0b @tfairane
# Fork: https://github.com/tfairane/CVE-2017-0199
# Orig: https://github.com/bhdresh/CVE-2017-0199
# generate or exploit
+| -m generate
| Generate Malicious RTF file
++| -o <dropper.rtf>
| Name of malicious RTF file
++| -c <http://CnC/>
| URL of CnC, listening for victim
++| -x yes/no (default = no)
| Generate obfuscated RTF file
+| -m exploit
| Start exploit mode
++| -r <http://url/stage1.ps1>
| url to PS script
++| -p <TCP port (Default 80)>
| Local port number
This program is for Educational purpose ONLY. Do not use it without permission.
The usual disclaimer applies, especially the fact that me (@tfairane) is not liable for any damages caused by direct or indirect use of the information or functionality provided by these programs.
The author or any Internet provider bears NO responsibility for content or misuse of these programs or any derivatives thereof. By using this program you accept the fact that any damage (dataloss, system crash, system compromise, etc.) caused by the use of these programs is not my responsibility.