CVE-2021-40444
HIGH | KEV | RANSOMWARE
Microsoft Office Word Malicious MSHTML RCE
Title source: metasploit
Exploitation Summary
CVE-2021-40444 is actively exploited and listed in the CISA Known Exploited Vulnerabilities (KEV) catalog, added November 3, 2021, with confirmed use in ransomware campaigns.
EIP tracks 45 public exploits from researchers including lockedbyte, klezVirus and aslitsecurity, among them a Metasploit module, exploits/windows/fileformat/word_mshtml_rce.
AI-analyzed exploit summary
This repository contains a functional proof-of-concept exploit for CVE-2021-40444, a Microsoft Office Word Remote Code Execution vulnerability. It generates a malicious docx file and hosts an exploit server to deliver a payload (e.g., a DLL) via a crafted CAB file.
Description
Microsoft is investigating reports of a remote code execution vulnerability in MSHTML that affects Microsoft Windows. Microsoft is aware of targeted attacks that attempt to exploit this vulnerability by using specially-crafted Microsoft Office documents.

An attacker could craft a malicious ActiveX control to be used by a Microsoft Office document that hosts the browser rendering engine. The attacker would then have to convince the user to open the malicious document. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.

Microsoft Defender Antivirus and Microsoft Defender for Endpoint both provide detection and protections for the known vulnerability. Customers should keep antimalware products up to date. Customers who utilize automatic updates do not need to take additional action. Enterprise customers who manage updates should select the detection build 1.349.22.0 or newer and deploy it across their environments. Microsoft Defender for Endpoint alerts will be displayed as: “Suspicious Cpl File Execution”.

Upon completion of this investigation, Microsoft will take the appropriate action to help protect our customers. This may include providing a security update through our monthly release process or providing an out-of-cycle security update, depending on customer needs.

Please see the Mitigations and Workaround sections for important information about steps you can take to protect your system from this vulnerability.

UPDATE September 14, 2021: Microsoft has released security updates to address this vulnerability. Please see the Security Updates table for the applicable update for your system. We recommend that you install these updates immediately. Please see the FAQ for important information about which updates are applicable to your system.
Exploits (45)
This repository contains a functional proof-of-concept exploit for CVE-2021-40444, a Microsoft Office Word Remote Code Execution vulnerability. It generates a malicious docx file and hosts an exploit server to deliver a payload (e.g., a DLL) via a crafted CAB file.
This repository contains a fully weaponized exploit for CVE-2021-40444, a Microsoft Office Word Remote Code Execution vulnerability. It includes a generator for malicious docx files that leverage a CAB file with a ZipSlip vulnerability to achieve arbitrary code execution via DLL side-loading.
This repository contains a working proof-of-concept exploit for CVE-2021-40444, a remote code execution vulnerability in Microsoft Office. The exploit generates malicious documents and files to trigger the vulnerability via crafted CAB files and Office documents.
This PoC demonstrates CVE-2021-40444 by exploiting a Microsoft Office MSHTML vulnerability via a crafted HTML file and a RAR archive containing a WSF script. The attack leverages ActiveX to execute arbitrary code without requiring a CAB archive.
This is a Metasploit module that generates a malicious DOCX file exploiting CVE-2021-40444, a Microsoft Office Word MSHTML RCE vulnerability. It crafts a malicious ActiveX control to achieve remote code execution on vulnerable Windows systems.
This repository provides a detailed writeup and usage instructions for exploiting CVE-2021-40444, a Microsoft MSHTML remote code execution vulnerability. It includes steps for generating malicious DLLs, creating exploit documents, and executing payloads via Office files.
This repository provides a writeup and mitigation steps for CVE-2021-40444, a Microsoft MSHTML Remote Code Execution vulnerability. It includes registry modifications to disable ActiveX controls in Internet Explorer as a workaround.
This PoC exploits CVE-2021-40444, a remote code execution vulnerability in Microsoft MSHTML via a malicious ActiveX control in a crafted Office document. It generates a malicious .cab file by embedding a DLL or INF file and modifying offset bytes to trigger the vulnerability.
This repository provides a proof-of-concept for CVE-2021-40444, a Microsoft MSHTML Remote Code Execution vulnerability. It uses Metasploit to generate a malicious DLL payload and embeds it in a Word document to achieve RCE via a reverse TCP shell.
This repository contains a Python script (`gen.py`) that automates the generation of malicious Microsoft Office documents exploiting CVE-2021-40444, a remote code execution vulnerability in MSHTML. The script modifies a .docx file to include a malicious payload hosted on a remote server, leveraging obfuscation techniques like HTML entity encoding and UTF-16BE encoding.
This repository contains a functional exploit for CVE-2021-40444, a Microsoft Office Word Remote Code Execution vulnerability. It includes scripts to generate malicious DOCX files and a server to host the exploit payload, demonstrating the vulnerability by executing arbitrary DLLs.
The repository contains only a README.md file with a public key and minimal information about CVE-2021-40444, lacking any functional exploit code or technical details. It appears to be a placeholder or incomplete documentation.
This repository contains a README describing a .docx exploit related to CVE-2021-40444, which leverages malicious files embedded in .docx resources. No actual exploit code is provided.
This repository provides a writeup on generating a malicious .docx file to exploit CVE-2021-40444, a Microsoft Office Word Remote Code Execution vulnerability. It describes the process of inserting a 'Bitmap Image' object to trigger the exploit.
The repository contains only a README.md file with minimal content, lacking any exploit code or technical details. It appears to be a placeholder or stub for CVE-2021-40444, a known Microsoft MSHTML Remote Code Execution vulnerability.
This exploit leverages CVE-2021-40444, a remote code execution vulnerability in Microsoft MSHTML via a malicious ActiveX control. It uses a series of HTML file manipulations and ActiveX object instantiations to trigger the vulnerability and execute arbitrary code.
This repository contains a fully weaponized exploit for CVE-2021-40444, a Microsoft Office Word Remote Code Execution vulnerability. It includes a generator for malicious DOCX files that leverage a CAB file with a path traversal vulnerability to achieve arbitrary code execution via DLL side-loading.
This is a Metasploit auxiliary module that generates a malicious DOCX file exploiting CVE-2021-40444, a vulnerability in Microsoft Office's MSHTML engine. It crafts a malicious ActiveX control to achieve remote code execution when the document is opened.
The repository contains only a README.md file with minimal information about CVE-2021-40444, lacking any exploit code or technical details. It appears to be a placeholder or stub without functional content.
This repository contains a proof-of-concept for CVE-2021-40444, including malicious document files (docx, RTF) and supporting files (HTML, CAB) designed to exploit the vulnerability. The README indicates these files can be used for testing detection and mitigation measures.
This repository contains a Python-based PoC for CVE-2021-40444, a Microsoft Office RCE vulnerability. It includes tools to parse and manipulate CAB files, generate malicious documents, and exploit the vulnerability via a logical bug.
This repository contains a functional PoC for CVE-2021-40444, a Microsoft Office Word RCE vulnerability. It generates a malicious docx file and hosts an exploit server to deliver a payload (e.g., a DLL) via a crafted CAB file.
The repository contains only a README.md file with minimal content, lacking any exploit code or technical details. It appears to be a placeholder or incomplete writeup for CVE-2021-40444.
This repository contains a functional exploit for CVE-2021-40444, a Microsoft Office Word Remote Code Execution vulnerability. It generates a malicious docx file and hosts an exploit server to deliver a payload (DLL) via a crafted CAB file.
This repository contains a functional proof-of-concept exploit for CVE-2021-40444, a Microsoft Office Word Remote Code Execution vulnerability. It generates a malicious docx file and hosts a server to deliver the payload, leveraging a patched CAB file and obfuscated HTML exploit.
This repository contains a fully weaponized exploit for CVE-2021-40444, a Microsoft Office Word Remote Code Execution vulnerability. It includes a generator for malicious DOCX files that leverage a CAB file with a ZipSlip vulnerability to achieve arbitrary code execution via DLL side-loading.
This PoC generates malicious CAB archives exploiting CVE-2021-40444 by embedding a modified DLL and crafting a CAB file with a patched header to trigger remote code execution via Microsoft MSHTML.
This repository provides a proof-of-concept exploit for CVE-2021-40444, a remote code execution vulnerability in Microsoft MSHTML. It includes instructions for setting up a vulnerable Windows 10 environment and a Kali Linux attacker machine, generating a malicious DLL, and delivering the exploit via a crafted document.
This repository contains a functional proof-of-concept exploit for CVE-2021-40444, a remote code execution vulnerability in Microsoft Office via MSHTML. It includes tools to generate malicious documents, deobfuscate exploit code, and compile a malicious DLL for payload delivery.
This PoC exploits CVE-2021-40444 by crafting malicious CAB files with embedded commands or DLLs. It uses MakeCAB to generate a CAB file with a patched header to trigger the vulnerability in Microsoft Windows.
The repository contains only a README and a Python script with ASCII art, lacking any functional exploit code for CVE-2021-40444. It appears to be a placeholder or incomplete PoC.
This is a deobfuscated exploit for CVE-2021-40444, a remote code execution vulnerability in Microsoft Office. The exploit leverages ActiveX objects and path traversal to execute malicious code via a crafted document.
This repository provides a detailed analysis of the CVE-2021-40444 exploit chain, including the malicious Word document and associated files. It explains the multi-stage attack involving OLE objects, ActiveX, and a malicious .cab file leading to code execution.
This repository contains a functional PoC for CVE-2021-40444, a Microsoft Office Word RCE vulnerability. It generates a malicious docx file and hosts an exploit server to deliver a payload (DLL) via a crafted CAB file.
This repository provides a step-by-step guide to exploit CVE-2021-40444, a Microsoft Office Word Remote Code Execution vulnerability, by manipulating a .docx file's internal structure. It describes the process of embedding a malicious object and modifying XML relationships to trigger the exploit.
This Metasploit module exploits CVE-2021-40444 by crafting a malicious DOCX file that leverages an ActiveX control to trigger remote code execution via the MSHTML engine in Microsoft Office Word. The exploit generates a CAB file with a manipulated checksum and hosts it via an HTTP server to deliver the payload.
This repository contains a functional exploit for CVE-2021-40444, a Microsoft Office Word Remote Code Execution vulnerability. It includes tools to generate malicious documents and a server to host the exploit payload.
This repository contains a functional exploit for CVE-2021-40444, a Microsoft Office Word Remote Code Execution vulnerability. It includes scripts to generate a malicious docx file and host an exploit server, leveraging a logical bug to execute arbitrary DLLs.
This repository contains a fully weaponized exploit for CVE-2021-40444, a Microsoft Office Word Remote Code Execution vulnerability. It includes a malicious docx generator, CAB file manipulation tools, and detailed technical analysis of the exploit chain involving path traversal and DLL side-loading.
This repository contains a fully weaponized exploit for CVE-2021-40444, a Microsoft Office Word RCE vulnerability. It includes a malicious docx generator, CAB file manipulation tools, and a detailed technical analysis of the exploit chain, including overlooked requirements like HTML size and CAB file byte-patching.
This repository contains a functional exploit for CVE-2021-40444, a Microsoft Office Word Remote Code Execution vulnerability. It includes scripts to generate a malicious docx file and host an exploit server, leveraging a patched CAB file and obfuscated HTML to achieve arbitrary DLL execution.
The repository contains only a README with links to external resources (malware samples and other repos) but no actual exploit code or technical details. This is characteristic of a social engineering lure.
This repository contains a functional exploit for CVE-2021-40444, a Microsoft Office Word Remote Code Execution vulnerability. It includes tools to generate a malicious docx file and a server to host the exploit, leveraging a patched CAB file and obfuscated HTML to achieve arbitrary DLL execution.
This repository contains a functional exploit for CVE-2021-40444, a Microsoft Office Word Remote Code Execution vulnerability. It includes scripts to generate a malicious docx file and host an exploit server, leveraging a patched CAB file and obfuscated HTML to trigger the vulnerability.
References (5)
Scores
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:H/A:L