Entreprise d'experts en Sécurité Informatique : Audits et conseils en cybersécurité
Entreprise française de cybersécurité depuis 2004
☎ 03 60 47 09 81 - info@securiteinfo.com


CVE-2017-0199

Description

Microsoft Office 2007 SP3, Microsoft Office 2010 SP2, Microsoft Office 2013 SP1, Microsoft Office 2016, Microsoft Windows Vista SP2, Windows Server 2008 SP2, Windows 7 SP1, Windows 8.1 allow remote attackers to execute arbitrary code via a crafted document, aka "Microsoft Office/WordPad Remote Code Execution Vulnerability w/Windows API."

POC

Reference

- http://rewtin.blogspot.nl/2017/04/cve-2017-0199-practical-exploitation-poc.html

- https://www.exploit-db.com/exploits/41894/

- https://www.exploit-db.com/exploits/41934/

- https://www.exploit-db.com/exploits/42995/

Github

- https://github.com/00xtrace/Red-Team-Ops-Toolbox

- https://github.com/0kraven/MalDevJournal

- https://github.com/0x06K/MalDevJournal

- https://github.com/0x7n6/OSCP

- https://github.com/0xMrNiko/Awesome-Red-Teaming

- https://github.com/0xStrygwyr/OSCP-Guide

- https://github.com/0xZipp0/OSCP

- https://github.com/0xdeadgeek/Red-Teaming-Toolkit

- https://github.com/0xh4di/Red-Teaming-Toolkit

- https://github.com/0xp4nda/Red-Teaming-Toolkit

- https://github.com/0xsyr0/OSCP

- https://github.com/15866095848/15866095848

- https://github.com/1o24er/RedTeam

- https://github.com/20142995/sectool

- https://github.com/2lambda123/m0chan-Red-Teaming-Toolkit

- https://github.com/3m1za4/100-Best-Free-Red-Team-Tools-

- https://github.com/6R1M-5H3PH3RD/Red_Teaming_Tool_Kit

- https://github.com/AMatheusFeitosaM/OSCP-Cheat

- https://github.com/ARPSyndicate/cve-scores

- https://github.com/ARPSyndicate/cvemon

- https://github.com/Adastra-thw/KrakenRdi

- https://github.com/Advisory-Emulations/APT-37

- https://github.com/Al1ex/APT-GUID

- https://github.com/Al1ex/Red-Team

- https://github.com/Amar224/Pentest-Tools

- https://github.com/AnonVulc/Pentest-Tools

- https://github.com/Apri1y/Red-Team-links

- https://github.com/AzyzChayeb/Redteam

- https://github.com/BRAINIAC22/CVE-2017-0199

- https://github.com/CVEDB/PoC-List

- https://github.com/CVEDB/awesome-cve-repo

- https://github.com/CVEDB/top

- https://github.com/ChennaCSP/APT37-Emulation-plan

- https://github.com/ChoeMinji/aaaaaaaaaaa

- https://github.com/CyberSecurityUP/Adversary-Emulation-Matrix

- https://github.com/Cybervixy/Threat-Mapping-using-Mitre-ATT-CK-Framework

- https://github.com/DebianDave/Research_Topics

- https://github.com/DrVilepis/cyber-apocalypse-drvilepis

- https://github.com/Echocipher/Resource-list

- https://github.com/EnriqueSanchezdelVillar/NotesHck

- https://github.com/Exploit-install/CVE-2017-0199

- https://github.com/Fa1c0n35/Red-Teaming-Toolkit

- https://github.com/Faizan-Khanx/OSCP

- https://github.com/FlatL1neAPT/MS-Office

- https://github.com/GhostTroops/TOP

- https://github.com/H1CH444MREB0RN/PenTest-free-tools

- https://github.com/HildeTeamTNT/Red-Teaming-Toolkit

- https://github.com/ImranTheThirdEye/AD-Pentesting-Tools

- https://github.com/JERRY123S/all-poc

- https://github.com/Laud22/RedTips

- https://github.com/Loveforkeeps/Lemon-Duck

- https://github.com/Ly0nt4r/OSCP

- https://github.com/Lynk4/Windows-Server-2008-VAPT

- https://github.com/Mal-lol-git/URL-Parser

- https://github.com/Mehedi-Babu/pentest_tools_repo

- https://github.com/Micr067/Pentest_Note

- https://github.com/Mr-hunt-007/CyberSecurity-Tools

- https://github.com/MrPWH/Pentest-Tools

- https://github.com/Mrnmap/RedTeam

- https://github.com/Nacromencer/cve2017-0199-in-python

- https://github.com/No-Spear/static-engine

- https://github.com/NotAwful/CVE-2017-0199-Fix

- https://github.com/Ondrik8/RED-Team

- https://github.com/Ostorlab/KEV

- https://github.com/Ostorlab/known_exploited_vulnerbilities_detectors

- https://github.com/PWN-Kingdom/Test_Tasks

- https://github.com/Panopticon-Project/Panopticon-Patchwork

- https://github.com/Parist0nH1ll/Vulnerabilities-Write-Ups

- https://github.com/Phantomlancer123/CVE-2017-0199

- https://github.com/R0B1NL1N/APTnotes

- https://github.com/ReflectedThanatos/OSCP-cheatsheet

- https://github.com/RxXwx3x/Redteam

- https://github.com/S3cur3Th1sSh1t/My-starred-Repositories

- https://github.com/S3cur3Th1sSh1t/Pentest-Tools

- https://github.com/Saidul-M-Khan/Red-Teaming-Toolkit

- https://github.com/SantoriuHen/NotesHck

- https://github.com/SenukDias/OSCP_cheat

- https://github.com/SirElmard/ethical_hacking

- https://github.com/SneakyBeagle/SneakyBeagle_container

- https://github.com/Soldie/Red-Team-Tool-Kit---Shr3dKit

- https://github.com/Sunqiz/CVE-2017-0199-reprofuction

- https://github.com/SwordSheath/CVE-2017-8570

- https://github.com/SyFi/cve-2017-0199

- https://github.com/TBHIDK24/MalDevJournal

- https://github.com/TBHIDK57/MalDevJournal

- https://github.com/Th3k33n/RedTeam

- https://github.com/TheCyberWatchers/CVE-2017-0199-v5.0

- https://github.com/VishuGahlyan/OSCP

- https://github.com/Waseem27-art/ART-TOOLKIT

- https://github.com/Winter3un/cve_2017_0199

- https://github.com/Xiao-A-lbert/Dynamic-Attachment-Malware-Analysis

- https://github.com/YellowVeN0m/Pentesters-toolbox

- https://github.com/Ygodsec/-

- https://github.com/allwinnoah/CyberSecurity-Tools

- https://github.com/andr6/awesome-stars

- https://github.com/arcangel2308/Shr3dit

- https://github.com/atesemre/Red-Teaming-tools

- https://github.com/bakedmuffinman/Neo23x0-sysmon-config

- https://github.com/bhdresh/CVE-2017-0199

- https://github.com/blockchainguard/blockchainhacked

- https://github.com/bloomer1016/2017-11-17-Maldoc-Using-CVE-2017-0199

- https://github.com/charleskasuba/hacker-zone

- https://github.com/cone4/AOT

- https://github.com/coolx28/Red-Team-tips

- https://github.com/cunyterg/oletools

- https://github.com/cunyterg/python-oletools

- https://github.com/cyb3rpeace/oletools

- https://github.com/cyberanand1337x/bug-bounty-2022

- https://github.com/czq945659538/-study

- https://github.com/dark-vex/CVE-PoC-collection

- https://github.com/davidemily/Research_Topics

- https://github.com/decalage2/oletools

- https://github.com/deep1792/agent-tesla-deobsfucator

- https://github.com/deepinstinct/Israel-Cyber-Warfare-Threat-Actors

- https://github.com/devmehedi101/Red-Teaming-documentation

- https://github.com/dk47os3r/hongduiziliao

- https://github.com/e-hakson/OSCP

- https://github.com/elinakrmova/RedTeam-Tools

- https://github.com/eljosep/OSCP-Guide

- https://github.com/emtee40/win-pentest-tools

- https://github.com/exfilt/CheatSheet

- https://github.com/fazilbaig1/oscp

- https://github.com/fideliscyber/yalda

- https://github.com/geeksniper/Red-team-toolkit

- https://github.com/getanehAl/Red-Team-OPS

- https://github.com/gold1029/Red-Teaming-Toolkit

- https://github.com/greekgothguy/cool_sites_and_tools

- https://github.com/gyaansastra/Red-Team-Toolkit

- https://github.com/hack-parthsharma/Pentest-Tools

- https://github.com/haibara3839/CVE-2017-0199-master

- https://github.com/hasee2018/Safety-net-information

- https://github.com/herbiezimmerman/2017-11-17-Maldoc-Using-CVE-2017-0199

- https://github.com/highmeh/cvesearch

- https://github.com/hktalent/TOP

- https://github.com/houjingyi233/office-exploit-case-study

- https://github.com/hudunkey/Red-Team-links

- https://github.com/hurih-kamindo22/olltools

- https://github.com/hurih-kamindo22/olltools1

- https://github.com/jacobsoo/RTF-Cleaner

- https://github.com/jared1981/More-Pentest-Tools

- https://github.com/jbmihoub/all-poc

- https://github.com/jitmondal1/OSCP

- https://github.com/jnadvid/RedTeamTools

- https://github.com/john-80/-007

- https://github.com/kash-123/CVE-2017-0199

- https://github.com/kbandla/APTnotes

- https://github.com/kdandy/pentest_tools

- https://github.com/kgwanjala/oscp-cheatsheet

- https://github.com/kimreq/red-team

- https://github.com/kn0wm4d/htattack

- https://github.com/landscape2024/RedTeam

- https://github.com/likekabin/CVE-2017-0199

- https://github.com/likekabin/Red-Teaming-Toolkit

- https://github.com/likekabin/Red-Teaming-Toolkit_all_pentests

- https://github.com/likescam/CVE-2017-0199

- https://github.com/likescam/Red-Teaming-Toolkit

- https://github.com/likescam/Red-Teaming-Toolkit_all_pentests

- https://github.com/lnick2023/nicenice

- https://github.com/lp008/Hack-readme

- https://github.com/maximillianzh/Email-Phishing-Analysis

- https://github.com/merlinepedra/Pentest-Tools

- https://github.com/merlinepedra25/Pentest-Tools

- https://github.com/merlinepedra25/Pentest-Tools-1

- https://github.com/misteri2/olltools

- https://github.com/misteri2/olltools1

- https://github.com/mooneee/Red-Teaming-Toolkit

- https://github.com/mrinconroldan/red-teaming-toolkit

- https://github.com/mucahittopal/Pentesting-Pratic-Notes

- https://github.com/mzakyz666/PoC-CVE-2017-0199

- https://github.com/n1shant-sinha/CVE-2017-0199

- https://github.com/nccgroup/CVE-2017-8759

- https://github.com/ngadminq/Bei-Gai-penetration-test-guide

- https://github.com/nhthongDfVn/File-Converter-Exploit

- https://github.com/nicpenning/RTF-Cleaner

- https://github.com/nitishbadole/Pentest_Tools

- https://github.com/nitishbadole/oscp-note-3

- https://github.com/nitishbadole/pentesting_Notes

- https://github.com/nixawk/labs

- https://github.com/nobiusmallyu/kehai

- https://github.com/oneplus-x/MS17-010

- https://github.com/oscpname/OSCP_cheat

- https://github.com/papa-anniekey/CustomSignatures

- https://github.com/parth45/cheatsheet

- https://github.com/pathakabhi24/Pentest-Tools

- https://github.com/pjgmonteiro/Pentest-tools

- https://github.com/pondoksiber/Catatan_CVE

- https://github.com/qazbnm456/awesome-cve-poc

- https://github.com/qiantu88/office-cve

- https://github.com/r0eXpeR/supplier

- https://github.com/r0r0x-xx/Red-Team-OPS-Modern-Adversary

- https://github.com/r3p3r/yeyintminthuhtut-Awesome-Red-Teaming

- https://github.com/realCheesyQuesadilla/Research_Topics

- https://github.com/retr0-13/Pentest-Tools

- https://github.com/revanmalang/OSCP

- https://github.com/rosetscmite/logsender

- https://github.com/ryhanson/CVE-2017-0199

- https://github.com/sUbc0ol/Microsoft-Word-CVE-2017-0199-

- https://github.com/scriptsboy/Red-Teaming-Toolkit

- https://github.com/sec00/AwesomeExploits

- https://github.com/seclib/oletools

- https://github.com/securi3ytalent/Red-Teaming-documentation

- https://github.com/severnake/Pentest-Tools

- https://github.com/shr3ddersec/Shr3dKit

- https://github.com/sid1721998/Phishing-Email-Analysis-SOC141-Phishing-URL-Detected

- https://github.com/sifatnotes/cobalt_strike_tutorials

- https://github.com/slimdaddy/RedTeam

- https://github.com/stealth-ronin/CVE-2017-0199-PY-KIT

- https://github.com/sv3nbeast/Attack-Notes

- https://github.com/svbjdbk123/-

- https://github.com/t31m0/Red-Teaming-Toolkit

- https://github.com/theguly/stars

- https://github.com/theyoge/AD-Pentesting-Tools

- https://github.com/thezimtex/red-team

- https://github.com/tib36/PhishingBook

- https://github.com/to-be-the-one/weaponry

- https://github.com/triw0lf/Security-Matters-22

- https://github.com/twensoo/PersistentThreat

- https://github.com/txuswashere/OSCP

- https://github.com/u53r55/Security-Tools-List

- https://github.com/unusualwork/red-team-tools

- https://github.com/viethdgit/CVE-2017-0199

- https://github.com/vysecurity/RedTips

- https://github.com/wddadk/Phishing-campaigns

- https://github.com/weeka10/-hktalent-TOP

- https://github.com/winterwolf32/Red-teaming

- https://github.com/wirasecure/hongdui

- https://github.com/wwong99/hongdui

- https://github.com/x86trace/Red-Team-Ops-Toolbox

- https://github.com/xbl3/Red-Teaming-Toolkit_infosecn1nja

- https://github.com/xbl3/awesome-cve-poc_qazbnm456

- https://github.com/xhref/OSCP

- https://github.com/xiaoZ-hc/redtool

- https://github.com/xiaoy-sec/Pentest_Note

- https://github.com/yut0u/RedTeam-BlackBox

- https://github.com/zhang040723/web