For the use of very ignorant, looked at other people's post, found that really clear a lot.

Recurrence vulnerability cve-2017-8759

The vulnerability affects all major. Net framework versions

Microsoft .NET Framework4.6.2

Microsoft .NET Framework4.6.1

Microsoft .NET Framework3.5.1

Microsoft .NET Framework4.7

Microsoft .NET Framework4.6

Microsoft .NET Framework4.5.2

Microsoft .NET Framework3.5

Microsoft .NET Framework 2.0 SP2

Environmental Science:

Kali linux    IP：   192.168.1.118

Win8.1 target IP: 192.168.1.19 (office2013)

Generating HTA backdoor with empire in Kali

Modify the expand.txt file

Open Apache or use Python - M simplehttpserver to establish a link

And upload HTA to the same path.

Then use word to create a new RTF and insert an object linked to the file http://192.168.1.118:808/exploit.txt

Then use C32 to edit blob.bin, and change the location as follows

Right click to copy all of hex format and open RTF file with editor to replace code

Insert objeupdate before objeautlink

After saving and modifying, let's test the effect!

(o゜▽゜)o☆[BINGO!]

Another way to use gestures is to use macros to load HTA files. Project address:

Reference source:

https://bbs.77169.com/forum.php?mod=viewthread&tid=364738