Penetration Testing mailing list archives
MS Office Files
From: "Romes, Randall J." <Rromes () larsonallen com>
Date: Thu, 13 Feb 2003 16:08:49 -0600
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 During the course of a pen test, we have been able to download some word documents from a web server. I have determined that the author of the documents is/was an employee of the company I am testing. I recall a while back seeing a post somewhere about pulling credential information from Office documents, but I can' t seem to find it now. Does this ring a bell, and if so, can anyone point me in the right direction? Thanks Randy Romes rromes () larsonallen com -----BEGIN PGP SIGNATURE----- Version: PGP 8.0 iQA/AwUBPkwXcDe9i44rosLHEQLd1ACfW4aS0PT/xDhogZl/qjZTEJxYFNQAoOth IWXGpDaT2URQN5oCL/1aaTlb =Kn7u -----END PGP SIGNATURE----- ---------------------------------------------------------------------------- This list is provided by the SecurityFocus Security Intelligence Alert (SIA) Service. For more information on SecurityFocus' SIA service which automatically alerts you to the latest security vulnerabilities please see: https://alerts.securityfocus.com/
Current thread:
- MS Office Files Romes, Randall J. (Feb 14)
- Re: MS Office Files David JuliĆ£o Santos (Feb 14)
- RE: MS Office Files winter (Feb 19)
- <Possible follow-ups>
- RE: MS Office Files Robinson, Sonja (Feb 19)