Metasploit mailing list archives

Previous By Date Next
Previous By Thread Next

Re: vb script to infect WORD docs_LibreOffice?

From: James Butler <jamie.e.butler () gmail com>
Date: Sat, 23 Jul 2011 11:50:56 +0100
Hi Cedric,

The vbscript come in two parts:

   '*  1. The Macro. This must be copied into the Office document
   '*     macro editor. This macro will run on startup.
   '*
   '*  2. The Data. The hex dump at the end of this output must be
   '*     appended to the end of the document contents.

so the first part needs MSOffice's Macro Editor to embed it in a Word
.doc I believe

James

On 7/22/11, Patrick Webster <patrick () aushack com> wrote:

Hi cedric,

I am unsure if anyone has ever attempted this, but yes, you in theory
should be able to use LibreOffice to create a DOC or DOCX (or XLS etc)
file and embed VBScript then send to a Windows / MS Office user.

-Patrick

On Fri, Jul 22, 2011 at 2:34 AM, cedric viaene
<viaene.cedric () hotmail com> wrote:

Hy
I have a question:
I'm following the metasploit Unleashed course, which is awesome BTW, and I
stumbled into the technique to infect WORD documents with vb script
payloads.
I'm wondering if it has to be MS office where you create the malicious
WORD
document?

Can I install LibreOffice to Backtrack for example, create my malicious
file
with vb script(on the pentestdistro) and then send to the victim(my other
computer)?

It's a bit of a struggle en un-practical to first create your WORD
document
on the target machine and then execute.
Please help!

Thanks in advance

_______________________________________________
https://mail.metasploit.com/mailman/listinfo/framework



_______________________________________________
https://mail.metasploit.com/mailman/listinfo/framework


_______________________________________________
https://mail.metasploit.com/mailman/listinfo/framework
Previous By Date Next
Previous By Thread Next

Current thread: