Exploit for Externally Controlled Reference to a Resource in Another Sphere in Microsoft CVE-2022-30190

Name: Exploit for Externally Controlled Reference to a Resource in Another Sphere in Microsoft CVE-2022-30190
Rating: 5 (242 reviews)

2022-05-31 | CVSS 9.3

## https://sploitus.com/exploit?id=02FCE52D-5E91-5C57-A40A-DE4FF7C726A3
# Follina Proof of Concept (CVE-2022-30190)

Quick and easy "proof of concept" for the Follina RCE that affects Microsoft Office/365 products. This POC supports both the one-click exploit and the zero-click exploit through RTF files.  
Running the script will generate an `infected.zip` archive that contains two files:
* A `zero-click.rtf` file that allows you to test the RCE without opening the file (*simply previewing the file will trigger the exploit*)
* A `one-click.doc` file that triggers the exploit when opened

# Usage
1. Edit `follina.py` and set `COMMAND` to execute (*defaults to calc*), `INTERFACE` (*defaults to eth0*) and `PORT` (*defaults to 8000*)
2. Run `./follina.py`
3. Copy and extract the `infected.zip` on the target machine
4. From the target machine, open `one-click.doc` or simply preview `zero-click.rtf`

![](https://user-images.githubusercontent.com/4747002/171189078-5c7947f7-333f-4c3c-ab7f-34fc846669d7.gif)