Excel with VBA and adobe_pdf_embedded_exe_nojs

[Richard Miles <richard.k.miles () googlemail com>]

Hi

I'm testing and learning the client side attacks...

I created a .vba payload that is windows/exec that just call calc.exe,
I'm using Office 2007. I created a macro and copied the script, if I
click in "run" the calc.exe appears, if I save (.xlsm) and open it
there is a box telling that macro is disable by default, it's very
bad. But just to test I enabled it. But neither enabling it the calc
opens again, but if I go to macro editor again and click in "run" it
works. I'm doing something wrong? It's not exploitable anymore?

I also tested adobe_pdf_embedded_exe_nojs with windows/exec that just
call calc.exe, I use foxit reader, the weird is that is always open
cmd.exe, ignoring the param that I sent to windows/exec. Strange. I'm
doing something wrong? It's not exploitable anymore?

Thanks
_______________________________________________
https://mail.metasploit.com/mailman/listinfo/framework