[ { "id": 111305094, "name": "cve-2017-11882", "full_name": "zhouat\/cve-2017-11882", "owner": { "login": "zhouat", "id": 8078184, "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/8078184?v=4", "html_url": "https:\/\/github.com\/zhouat" }, "html_url": "https:\/\/github.com\/zhouat\/cve-2017-11882", "description": null, "fork": false, "created_at": "2017-11-19T14:57:41Z", "updated_at": "2017-11-21T09:11:26Z", "pushed_at": "2017-11-18T14:21:03Z", "stargazers_count": 3, "watchers_count": 3, "forks_count": 1, "forks": 1, "watchers": 3, "score": 0 }, { "id": 111435936, "name": "CVE-2017-11882", "full_name": "embedi\/CVE-2017-11882", "owner": { "login": "embedi", "id": 24190344, "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/24190344?v=4", "html_url": "https:\/\/github.com\/embedi" }, "html_url": "https:\/\/github.com\/embedi\/CVE-2017-11882", "description": "Proof-of-Concept exploits for CVE-2017-11882", "fork": false, "created_at": "2017-11-20T16:35:30Z", "updated_at": "2021-05-10T13:10:29Z", "pushed_at": "2017-11-29T16:13:23Z", "stargazers_count": 482, "watchers_count": 482, "forks_count": 197, "forks": 197, "watchers": 482, "score": 0 }, { "id": 111505810, "name": "CVE-2017-11882", "full_name": "Ridter\/CVE-2017-11882", "owner": { "login": "Ridter", "id": 6007471, "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/6007471?v=4", "html_url": "https:\/\/github.com\/Ridter" }, "html_url": "https:\/\/github.com\/Ridter\/CVE-2017-11882", "description": "CVE-2017-11882 from https:\/\/github.com\/embedi\/CVE-2017-11882", "fork": false, "created_at": "2017-11-21T05:55:53Z", "updated_at": "2021-05-26T06:25:29Z", "pushed_at": "2017-11-29T03:33:53Z", "stargazers_count": 493, "watchers_count": 493, "forks_count": 247, "forks": 247, "watchers": 493, "score": 0 }, { "id": 111525857, "name": "2017-11882_Generator", "full_name": "BlackMathIT\/2017-11882_Generator", "owner": { "login": "BlackMathIT", "id": 26303870, "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/26303870?v=4", "html_url": "https:\/\/github.com\/BlackMathIT" }, "html_url": "https:\/\/github.com\/BlackMathIT\/2017-11882_Generator", "description": "CVE-2017-11882 File Generator PoC", "fork": false, "created_at": "2017-11-21T09:15:28Z", "updated_at": "2021-02-24T12:48:33Z", "pushed_at": "2017-11-22T08:38:18Z", "stargazers_count": 32, "watchers_count": 32, "forks_count": 25, "forks": 25, "watchers": 32, "score": 0 }, { "id": 111566147, "name": "CVE-2017-11882", "full_name": "unamer\/CVE-2017-11882", "owner": { "login": "unamer", "id": 12728984, "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/12728984?v=4", "html_url": "https:\/\/github.com\/unamer" }, "html_url": "https:\/\/github.com\/unamer\/CVE-2017-11882", "description": "CVE-2017-11882 Exploit accepts over 17k bytes long command\/code in maximum.", "fork": false, "created_at": "2017-11-21T15:22:41Z", "updated_at": "2021-05-06T02:38:11Z", "pushed_at": "2017-12-06T12:47:31Z", "stargazers_count": 281, "watchers_count": 281, "forks_count": 84, "forks": 84, "watchers": 281, "score": 0 }, { "id": 111585219, "name": "CVE-2017-11882-metasploit", "full_name": "0x09AL\/CVE-2017-11882-metasploit", "owner": { "login": "0x09AL", "id": 25826294, "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/25826294?v=4", "html_url": "https:\/\/github.com\/0x09AL" }, "html_url": "https:\/\/github.com\/0x09AL\/CVE-2017-11882-metasploit", "description": "This is a Metasploit module which exploits CVE-2017-11882 using the POC released here : https:\/\/embedi.com\/blog\/skeleton-closet-ms-office-vulnerability-you-didnt-know-about.", "fork": false, "created_at": "2017-11-21T18:17:28Z", "updated_at": "2020-09-30T09:12:42Z", "pushed_at": "2017-11-21T20:34:57Z", "stargazers_count": 94, "watchers_count": 94, "forks_count": 50, "forks": 50, "watchers": 94, "score": 0 }, { "id": 111601525, "name": "ABC", "full_name": "HZachev\/ABC", "owner": { "login": "HZachev", "id": 33879843, "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/33879843?v=4", "html_url": "https:\/\/github.com\/HZachev" }, "html_url": "https:\/\/github.com\/HZachev\/ABC", "description": "CVE-2017-11882", "fork": false, "created_at": "2017-11-21T21:07:57Z", "updated_at": "2017-11-21T21:07:57Z", "pushed_at": "2017-11-21T22:04:31Z", "stargazers_count": 0, "watchers_count": 0, "forks_count": 0, "forks": 0, "watchers": 0, "score": 0 }, { "id": 111619944, "name": "CVE-2017-11882", "full_name": "starnightcyber\/CVE-2017-11882", "owner": { "login": "starnightcyber", "id": 19260696, "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/19260696?v=4", "html_url": "https:\/\/github.com\/starnightcyber" }, "html_url": "https:\/\/github.com\/starnightcyber\/CVE-2017-11882", "description": "CVE-2017-11882 exploitation", "fork": false, "created_at": "2017-11-22T01:11:39Z", "updated_at": "2021-05-28T07:05:33Z", "pushed_at": "2017-11-28T03:06:32Z", "stargazers_count": 40, "watchers_count": 40, "forks_count": 54, "forks": 54, "watchers": 40, "score": 0 }, { "id": 111637919, "name": "CVE-2017-11882", "full_name": "Grey-Li\/CVE-2017-11882", "owner": { "login": "Grey-Li", "id": 33873392, "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/33873392?v=4", "html_url": "https:\/\/github.com\/Grey-Li" }, "html_url": "https:\/\/github.com\/Grey-Li\/CVE-2017-11882", "description": null, "fork": false, "created_at": "2017-11-22T04:53:44Z", "updated_at": "2017-11-22T04:54:38Z", "pushed_at": "2017-11-22T04:54:37Z", "stargazers_count": 0, "watchers_count": 0, "forks_count": 0, "forks": 0, "watchers": 0, "score": 0 }, { "id": 111887551, "name": "CVE-2017-11882-for-Kali", "full_name": "legendsec\/CVE-2017-11882-for-Kali", "owner": { "login": "legendsec", "id": 13389492, "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/13389492?v=4", "html_url": "https:\/\/github.com\/legendsec" }, "html_url": "https:\/\/github.com\/legendsec\/CVE-2017-11882-for-Kali", "description": "# CVE-2017-11882-metasploit This is a Metasploit module which exploits CVE-2017-11882 using the POC below: https:\/\/embedi.com\/blog\/skeleton-closet-ms-office-vulnerability-you-didnt-know-about. ## Installation 1) Copy the cve_2017_11882.rb to \/usr\/share\/metasploit-framework\/modules\/exploits\/windows\/local\/ 2) Copy the cve-2017-11882.rtf to \/usr\/share\/metasploit-framework\/data\/exploits\/ This module is a quick port to Metasploit and uses mshta.exe to execute the payload. There are better ways to implement this module and exploit but will update it as soon as I have the time.", "fork": false, "created_at": "2017-11-24T07:11:13Z", "updated_at": "2017-11-24T07:11:13Z", "pushed_at": "2017-11-24T07:11:14Z", "stargazers_count": 0, "watchers_count": 0, "forks_count": 0, "forks": 0, "watchers": 0, "score": 0 }, { "id": 111904379, "name": "cve-2017-11882", "full_name": "CSC-pentest\/cve-2017-11882", "owner": { "login": "CSC-pentest", "id": 33954862, "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/33954862?v=4", "html_url": "https:\/\/github.com\/CSC-pentest" }, "html_url": "https:\/\/github.com\/CSC-pentest\/cve-2017-11882", "description": null, "fork": false, "created_at": "2017-11-24T10:09:49Z", "updated_at": "2017-11-24T10:09:49Z", "pushed_at": "2017-11-24T10:13:07Z", "stargazers_count": 0, "watchers_count": 0, "forks_count": 0, "forks": 0, "watchers": 0, "score": 0 }, { "id": 112133932, "name": "CVE-2017-11882-", "full_name": "Shadowshusky\/CVE-2017-11882-", "owner": { "login": "Shadowshusky", "id": 31649758, "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/31649758?v=4", "html_url": "https:\/\/github.com\/Shadowshusky" }, "html_url": "https:\/\/github.com\/Shadowshusky\/CVE-2017-11882-", "description": null, "fork": false, "created_at": "2017-11-27T01:50:44Z", "updated_at": "2021-03-10T22:04:44Z", "pushed_at": "2017-11-27T01:50:52Z", "stargazers_count": 1, "watchers_count": 1, "forks_count": 0, "forks": 0, "watchers": 1, "score": 0 }, { "id": 117080574, "name": "CVE-2018-0802", "full_name": "rxwx\/CVE-2018-0802", "owner": { "login": "rxwx", "id": 2202542, "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/2202542?v=4", "html_url": "https:\/\/github.com\/rxwx" }, "html_url": "https:\/\/github.com\/rxwx\/CVE-2018-0802", "description": "PoC Exploit for CVE-2018-0802 (and optionally CVE-2017-11882)", "fork": false, "created_at": "2018-01-11T09:43:46Z", "updated_at": "2021-05-13T02:35:47Z", "pushed_at": "2018-02-28T12:32:54Z", "stargazers_count": 267, "watchers_count": 267, "forks_count": 135, "forks": 135, "watchers": 267, "score": 0 }, { "id": 117234193, "name": "RTF_11882_0802", "full_name": "Ridter\/RTF_11882_0802", "owner": { "login": "Ridter", "id": 6007471, "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/6007471?v=4", "html_url": "https:\/\/github.com\/Ridter" }, "html_url": "https:\/\/github.com\/Ridter\/RTF_11882_0802", "description": "PoC for CVE-2018-0802 And CVE-2017-11882", "fork": false, "created_at": "2018-01-12T11:38:33Z", "updated_at": "2021-05-04T19:02:54Z", "pushed_at": "2018-01-12T11:42:29Z", "stargazers_count": 158, "watchers_count": 158, "forks_count": 64, "forks": 64, "watchers": 158, "score": 0 }, { "id": 117637164, "name": "CVE-2017-11882", "full_name": "likescam\/CVE-2017-11882", "owner": { "login": "likescam", "id": 2469038, "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/2469038?v=4", "html_url": "https:\/\/github.com\/likescam" }, "html_url": "https:\/\/github.com\/likescam\/CVE-2017-11882", "description": null, "fork": false, "created_at": "2018-01-16T05:47:47Z", "updated_at": "2018-01-16T05:47:59Z", "pushed_at": "2018-01-16T05:47:58Z", "stargazers_count": 0, "watchers_count": 0, "forks_count": 0, "forks": 0, "watchers": 0, "score": 0 }, { "id": 117637270, "name": "CVE-2018-0802_CVE-2017-11882", "full_name": "likescam\/CVE-2018-0802_CVE-2017-11882", "owner": { "login": "likescam", "id": 2469038, "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/2469038?v=4", "html_url": "https:\/\/github.com\/likescam" }, "html_url": "https:\/\/github.com\/likescam\/CVE-2018-0802_CVE-2017-11882", "description": null, "fork": false, "created_at": "2018-01-16T05:49:01Z", "updated_at": "2021-03-11T01:10:37Z", "pushed_at": "2018-01-16T05:49:10Z", "stargazers_count": 9, "watchers_count": 9, "forks_count": 4, "forks": 4, "watchers": 9, "score": 0 }, { "id": 130633082, "name": "CVE-2017-11882-Possible-Remcos-Malspam", "full_name": "bloomer1016\/CVE-2017-11882-Possible-Remcos-Malspam", "owner": { "login": "bloomer1016", "id": 12056770, "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/12056770?v=4", "html_url": "https:\/\/github.com\/bloomer1016" }, "html_url": "https:\/\/github.com\/bloomer1016\/CVE-2017-11882-Possible-Remcos-Malspam", "description": null, "fork": false, "created_at": "2018-04-23T03:07:25Z", "updated_at": "2020-03-29T03:28:55Z", "pushed_at": "2018-04-23T03:08:38Z", "stargazers_count": 1, "watchers_count": 1, "forks_count": 1, "forks": 1, "watchers": 1, "score": 0 }, { "id": 132171985, "name": "CVE-2017-11882", "full_name": "ChaitanyaHaritash\/CVE-2017-11882", "owner": { "login": "ChaitanyaHaritash", "id": 16261173, "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/16261173?v=4", "html_url": "https:\/\/github.com\/ChaitanyaHaritash" }, "html_url": "https:\/\/github.com\/ChaitanyaHaritash\/CVE-2017-11882", "description": "Empire Port of CVE-2017-11882", "fork": false, "created_at": "2018-05-04T17:50:57Z", "updated_at": "2020-10-27T03:32:18Z", "pushed_at": "2018-05-04T17:53:27Z", "stargazers_count": 2, "watchers_count": 2, "forks_count": 1, "forks": 1, "watchers": 2, "score": 0 }, { "id": 139015885, "name": "https-github.com-Ridter-CVE-2017-11882-", "full_name": "qy1202\/https-github.com-Ridter-CVE-2017-11882-", "owner": { "login": "qy1202", "id": 40664300, "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/40664300?v=4", "html_url": "https:\/\/github.com\/qy1202" }, "html_url": "https:\/\/github.com\/qy1202\/https-github.com-Ridter-CVE-2017-11882-", "description": null, "fork": false, "created_at": "2018-06-28T12:35:53Z", "updated_at": "2018-06-28T12:35:53Z", "pushed_at": "2018-06-28T12:35:53Z", "stargazers_count": 0, "watchers_count": 0, "forks_count": 0, "forks": 0, "watchers": 0, "score": 0 }, { "id": 154284917, "name": "CVE-2017-11882", "full_name": "j0lama\/CVE-2017-11882", "owner": { "login": "j0lama", "id": 17393029, "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/17393029?v=4", "html_url": "https:\/\/github.com\/j0lama" }, "html_url": "https:\/\/github.com\/j0lama\/CVE-2017-11882", "description": null, "fork": false, "created_at": "2018-10-23T07:44:39Z", "updated_at": "2018-11-05T22:36:38Z", "pushed_at": "2018-10-23T07:46:04Z", "stargazers_count": 0, "watchers_count": 0, "forks_count": 0, "forks": 0, "watchers": 0, "score": 0 }, { "id": 156669000, "name": "IDB_Share", "full_name": "R0fM1a\/IDB_Share", "owner": { "login": "R0fM1a", "id": 44599121, "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/44599121?v=4", "html_url": "https:\/\/github.com\/R0fM1a" }, "html_url": "https:\/\/github.com\/R0fM1a\/IDB_Share", "description": "CVE-2017-11882 analyse notebook", "fork": false, "created_at": "2018-11-08T07:44:32Z", "updated_at": "2018-11-08T10:27:41Z", "pushed_at": "2018-11-08T10:27:40Z", "stargazers_count": 1, "watchers_count": 1, "forks_count": 0, "forks": 0, "watchers": 1, "score": 0 }, { "id": 161162866, "name": "CVE-2017-11882", "full_name": "chanbin\/CVE-2017-11882", "owner": { "login": "chanbin", "id": 24631331, "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/24631331?v=4", "html_url": "https:\/\/github.com\/chanbin" }, "html_url": "https:\/\/github.com\/chanbin\/CVE-2017-11882", "description": "Microsoft Equation 3.0\/Convert python2 to python3", "fork": false, "created_at": "2018-12-10T11:15:15Z", "updated_at": "2018-12-10T13:19:33Z", "pushed_at": "2018-12-10T11:18:50Z", "stargazers_count": 0, "watchers_count": 0, "forks_count": 0, "forks": 0, "watchers": 0, "score": 0 }, { "id": 202340795, "name": "CVE-2017-11882", "full_name": "littlebin404\/CVE-2017-11882", "owner": { "login": "littlebin404", "id": 54022042, "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/54022042?v=4", "html_url": "https:\/\/github.com\/littlebin404" }, "html_url": "https:\/\/github.com\/littlebin404\/CVE-2017-11882", "description": "CVE-2017-11882(通杀Office 2003到2016)", "fork": false, "created_at": "2019-08-14T11:55:00Z", "updated_at": "2020-12-22T07:23:05Z", "pushed_at": "2020-12-22T07:23:03Z", "stargazers_count": 2, "watchers_count": 2, "forks_count": 1, "forks": 1, "watchers": 2, "score": 0 }, { "id": 232606684, "name": "Overflow-Demo-CVE-2017-11882", "full_name": "ekgg\/Overflow-Demo-CVE-2017-11882", "owner": { "login": "ekgg", "id": 31654501, "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/31654501?v=4", "html_url": "https:\/\/github.com\/ekgg" }, "html_url": "https:\/\/github.com\/ekgg\/Overflow-Demo-CVE-2017-11882", "description": "Simple Overflow demo, like CVE-2017-11882 exp", "fork": false, "created_at": "2020-01-08T16:27:18Z", "updated_at": "2020-12-24T10:48:53Z", "pushed_at": "2020-01-09T10:38:02Z", "stargazers_count": 2, "watchers_count": 2, "forks_count": 1, "forks": 1, "watchers": 2, "score": 0 }, { "id": 311542568, "name": "CVE-2017-11882", "full_name": "HaoJame\/CVE-2017-11882", "owner": { "login": "HaoJame", "id": 24583124, "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/24583124?v=4", "html_url": "https:\/\/github.com\/HaoJame" }, "html_url": "https:\/\/github.com\/HaoJame\/CVE-2017-11882", "description": null, "fork": false, "created_at": "2020-11-10T04:13:53Z", "updated_at": "2020-11-10T04:18:08Z", "pushed_at": "2020-11-10T04:18:05Z", "stargazers_count": 0, "watchers_count": 0, "forks_count": 0, "forks": 0, "watchers": 0, "score": 0 }, { "id": 313441734, "name": "rtfkit", "full_name": "dcsync\/rtfkit", "owner": { "login": "dcsync", "id": 44536603, "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/44536603?v=4", "html_url": "https:\/\/github.com\/dcsync" }, "html_url": "https:\/\/github.com\/dcsync\/rtfkit", "description": "generate RTF exploit payload. uses cve-2017-11882, cve-2017-8570, cve-2018-0802, and cve-2018-8174.", "fork": false, "created_at": "2020-11-16T22:21:54Z", "updated_at": "2021-05-10T19:54:11Z", "pushed_at": "2020-11-16T22:32:12Z", "stargazers_count": 7, "watchers_count": 7, "forks_count": 2, "forks": 2, "watchers": 7, "score": 0 }, { "id": 318228897, "name": "CVE-2017-11882", "full_name": "ActorExpose\/CVE-2017-11882", "owner": { "login": "ActorExpose", "id": 57215674, "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/57215674?v=4", "html_url": "https:\/\/github.com\/ActorExpose" }, "html_url": "https:\/\/github.com\/ActorExpose\/CVE-2017-11882", "description": null, "fork": false, "created_at": "2020-12-03T15:00:27Z", "updated_at": "2020-12-03T15:01:17Z", "pushed_at": "2020-12-03T15:01:13Z", "stargazers_count": 0, "watchers_count": 0, "forks_count": 0, "forks": 0, "watchers": 0, "score": 0 }, { "id": 332744031, "name": "SignHere", "full_name": "Retr0-code\/SignHere", "owner": { "login": "Retr0-code", "id": 60541996, "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/60541996?v=4", "html_url": "https:\/\/github.com\/Retr0-code" }, "html_url": "https:\/\/github.com\/Retr0-code\/SignHere", "description": "SignHere is implementation of CVE-2017-11882. SignHere is builder of malicious rtf document and VBScript payloads.", "fork": false, "created_at": "2021-01-25T12:44:03Z", "updated_at": "2021-03-16T06:23:59Z", "pushed_at": "2021-01-26T16:29:27Z", "stargazers_count": 3, "watchers_count": 3, "forks_count": 1, "forks": 1, "watchers": 3, "score": 0 } ]