Exploit Windows 10 Office 2016 using CVE-2017-0199

Video is ready, Click Here to View ×


all credits goes to bhdresh! for this fast and easy script.

writeup on how to do it manually:

Patch available since:

Exploit Windows 10 Office 2016 using CVE-2017-0199


  1. Hello everyone please i am using a windows machine 8.1 and unluckily i could not install Kali Linux on my system so i was wondering if there's a way i could make use of this CVE2017-0199 and make it FUD to be able to use HTA file with it and make it execute perfectly and silently please if theres someone that can give a little detail explanation on what i need to do i will really appreciate it please help me and you wont regret it please God bless y'all

  2. if using this exploit with a rat exe hosted on a cpanel/server and not apache or wamp or the types just your exe hosted on a domain cpanel 1.) does the second line with the -M exp need to be run ? much-less listening on 80 ( I believe a cpanel means service is listening on 80 to serve the exe via direct download link ) 2.) how to pass the cutom url wit exe to the -M gen param when using any exe and cpanel /server with the uploaded exe directory (http://www.xxxx.com/shell.exe and tmp/shell.exe 3.)also does one have to have logo.doc file on my cpanel/server in your example referred to as (http://IP /logo.doc = if i were using apache/wamp server) [used when passing the -M gen param when gen'n Invoice .rtf] and if so whats that logo.doc file and I wish i could just pass my link rat exe stub crypted from where i have it on my cpanel with the arguments provided for gen and exp and just have it generate rtf for malware delivery and have it all done on windows platform but even though I want to run this on windows because im using a rat I have PYTHON 2.7 INTERPRETER INSTALLED AT CLI IT ALWAYS GIVES ME THE SHITTY SYNTAX ERROR OF ERROR FROM LINE IN SCRIPT WHERE PARENTHESIS FUNCTION CALL ALWAYS RETURNS ERROR NO MATTER THE SCRIPT I RUN DONT KNOW WHY…even the bd sursh script i just copied from git hub…HELP

  3. i used vpn with kali linux and i never got it to work on remote box its only work on local from vpn and vmware when i test it on remote box it say recivied GET method and thats it which means it does not open the payload , only on local

    where is the prob ?

Leave a Reply

Your email address will not be published.