Vulnerability Development mailing list archives

Re: Word Macros & file sharing?

From: Pete Simpson <pete.simpson () BALTIMORE COM>
Date: Mon, 19 Mar 2001 19:43:40 -0000

A much simpler method of running an arbitrary executable using macros
exists. Try this:

Create a new document, then Insert / Object / Create from File ? Browse.
Select e.g. NOTEPAD.EXE and Ok and a notepad icon appears at the insertion
point.

Then create a new macro like:

Sub LaunchPackage()
ActiveDocument.Content.Select
ActiveDocument.InlineShapes(1).OLEFormat.Activate
End Sub

Run the macro and voila! Up pops notepad.

I leave it to the reader to figure out how to make the icon of the embedded
executable invisible within the document.
--------------------------------
Pete Simpson
Threat Lab Manager
Research Department
Baltimore Technologies Content Security Group
-----BEGIN PGP PUBLIC KEY BLOCK-----
Version: 2.6.3ia

mQCNAzoe8V4AAAEEAL/Gi1BY8zY0E0uLDdvCN/J2D/pD492iFIVi9GeWWz1QbLo2
f/YKnGVeKsTYjWQHfFh4fKDpzHgC/Ufmswf4a74C/jQQ/buw8X+wWSTzsZ2W2ZaV
jMVLj969ZopoHiv4yoNtb+m4erbvthfQbabhDZES5RHl3Qj/k+Z175sVOEblAAUR
tBJDb250ZW50IFRocmVhdCBMYWKJAJUDBRA6HvFe5nXvmxU4RuUBASSHA/wLM+kk
+a+Bdt3AyRV5UCQQf/yyvCdDKEZqM5q9SqO6sR13GF4kMbRY/7/ZS+/0f98IjplZ
er9mpblsJcM60yeWmV+LnxDo2eEZgTHW8h65pZRT6QYHAgXFBAKpV4D5AH8aV5S4
HrK7aShzXNGNcQRiBoUU7ELP/CgXlqD41J6NQA==
=qsME
-----END PGP PUBLIC KEY BLOCK-----

-----------------------------------------------------------------------------------------------------------------
The information contained in this message is confidential and is intended
for the addressee(s) only. If you have received this message in error or
there are any problems please notify the originator immediately. The
unauthorized use, disclosure, copying or alteration of this message is
strictly forbidden. Baltimore Technologies plc will not be liable for direct,
special, indirect or consequential damages arising from alteration of the
contents of this message by a third party or as a result of any virus being
passed on.

In addition, certain Marketing collateral may be added from time to time to
promote Baltimore Technologies products, services, Global e-Security or
appearance at trade shows and conferences.

This footnote confirms that this email message has been swept by
Baltimore MIMEsweeper for Content Security threats, including
computer viruses.

Current thread:

Word Macros & file sharing? Meritt James (Mar 15)
- Re: Word Macros & file sharing? Nelson Brito (Mar 15)
- Re: Word Macros & file sharing? Marius Huse Jacobsen (Mar 15)
  - Re: Word Macros & file sharing? Nelson Brito (Mar 16)
- Re: Word Macros & file sharing? H D Moore (Mar 15)
- <Possible follow-ups>
- Re: Word Macros & file sharing? Aviram Jenik (Mar 17)
- Re: Word Macros & file sharing? Pete Simpson (Mar 20)