Macro based attack
by famousgiraffe - September 09, 2021 at 03:05 PM
#1
Hi there
Can someone please provide a link or a script for a macro to use in a word document. This doesn’t have to directly exploit the user, but can act as a dropper or download the an exe file from somewhere else maybe?
#2
(September 09, 2021 at 03:05 PM)famousgiraffe Wrote: Hi there
Can someone please provide a link or a script for a macro to use in a word document. This doesn’t have to directly exploit the user, but can act as a dropper or download the an exe file from somewhere else maybe?

There are tons of examples publicly available as well as tools that will automate this for you. How have you searched?
#3
(September 12, 2021 at 03:08 PM)geshem Wrote:
(September 09, 2021 at 03:05 PM)famousgiraffe Wrote: Hi there
Can someone please provide a link or a script for a macro to use in a word document. This doesn’t have to directly exploit the user, but can act as a dropper or download the an exe file from somewhere else maybe?

There are tons of examples publicly available as well as tools that will automate this for you. How have you searched?

Hi there @geshem.
Ive looked at various VBA purgers etc but they are too long and exceed the limit for macros on word documents. Can you recommend some obfuscators for word document macros that would bypass for example windows defender please?

(September 12, 2021 at 11:08 PM)famousgiraffe Wrote:
(September 12, 2021 at 03:08 PM)geshem Wrote:
(September 09, 2021 at 03:05 PM)famousgiraffe Wrote: Hi there
Can someone please provide a link or a script for a macro to use in a word document. This doesn’t have to directly exploit the user, but can act as a dropper or download the an exe file from somewhere else maybe?

There are tons of examples publicly available as well as tools that will automate this for you. How have you searched?

Hi there @geshem.
Ive looked at various VBA purgers etc but they are too long and exceed the limit for macros on word documents. Can you recommend some obfuscators for word document macros that would bypass for example windows defender please?
#4
Still not very convenient to use
#5
If I remember correctly, msfconsole has this functionality. If this does not suffice, most Social Engineering frameworks also have these kinds of features. For just statistic purposes or alerting.
#6
why no use the latest CVE and depend on Macro?
#7
(September 12, 2021 at 03:08 PM)geshem Wrote:
(September 09, 2021 at 03:05 PM)famousgiraffe Wrote: Hi there
Can someone please provide a link or a script for a macro to use in a word document. This doesn’t have to directly exploit the user, but can act as a dropper or download the an exe file from somewhere else maybe?

There are tons of examples publicly available as well as tools that will automate this for you. How have you searched?

Dude, I dont get why people drop questions that are actually a google search away.

Possibly Related Threads…
Thread Author Replies Views Last Post
How to attack a business's reputation? RationalRaven 6 109 Yesterday at 06:19 PM
Last Post: RationalRaven
Setting up a Rogue LDAP Server for a pass-back attack yet1 0 144 October 18, 2021 at 07:14 PM
Last Post: yet1
DNA based Malware geshem 7 482 October 12, 2021 at 10:41 PM
Last Post: Ringer

 Users browsing this thread: 1 Guest(s)