Friday, November 14, 2008

Link: Writing malicious maros using metasploit


Good blog post over at securiteam on using the exe2vba portion of metasploit to embed malicious code into office documents. Fun!

http://blogs.securiteam.com/index.php/archives/1161

of course those attacks can be mitigated with proper group policy but most places "need their macros!" so enjoy the pwnings.
CG

3 comments:

Anonymous said...

HDM published this new Metasploit "feature" few days ago on Pen-Test mailing list:

Click

Nathan Keltner said...

Using VBA in Word/Excel to run commands: http://blog.invisibledenizen.org/2008/11/on-vba-in-excel-and-word-documents.html

To download files: http://blog.invisibledenizen.org/2008/11/vba-function-to-download-files.html

Running commands as system: http://blog.invisibledenizen.org/2008/11/running-commands-as-system-from-vba-in.html

Killing of antivirus: http://blog.invisibledenizen.org/2008/11/how-to-kill-antivirus-from-word-or.html

Modifying the windows firewall: http://blog.invisibledenizen.org/2008/11/modifying-windows-firewall-rules-from.html

CG said...

thanks for the links