Vulnerability Development mailing list archives
Re: Word Macros & file sharing?
From: Pete Simpson <pete.simpson () BALTIMORE COM>
Date: Mon, 19 Mar 2001 19:43:40 -0000
A much simpler method of running an arbitrary executable using macros exists. Try this: Create a new document, then Insert / Object / Create from File ? Browse. Select e.g. NOTEPAD.EXE and Ok and a notepad icon appears at the insertion point. Then create a new macro like: Sub LaunchPackage() ActiveDocument.Content.Select ActiveDocument.InlineShapes(1).OLEFormat.Activate End Sub Run the macro and voila! Up pops notepad. I leave it to the reader to figure out how to make the icon of the embedded executable invisible within the document. -------------------------------- Pete Simpson Threat Lab Manager Research Department Baltimore Technologies Content Security Group -----BEGIN PGP PUBLIC KEY BLOCK----- Version: 2.6.3ia mQCNAzoe8V4AAAEEAL/Gi1BY8zY0E0uLDdvCN/J2D/pD492iFIVi9GeWWz1QbLo2 f/YKnGVeKsTYjWQHfFh4fKDpzHgC/Ufmswf4a74C/jQQ/buw8X+wWSTzsZ2W2ZaV jMVLj969ZopoHiv4yoNtb+m4erbvthfQbabhDZES5RHl3Qj/k+Z175sVOEblAAUR tBJDb250ZW50IFRocmVhdCBMYWKJAJUDBRA6HvFe5nXvmxU4RuUBASSHA/wLM+kk +a+Bdt3AyRV5UCQQf/yyvCdDKEZqM5q9SqO6sR13GF4kMbRY/7/ZS+/0f98IjplZ er9mpblsJcM60yeWmV+LnxDo2eEZgTHW8h65pZRT6QYHAgXFBAKpV4D5AH8aV5S4 HrK7aShzXNGNcQRiBoUU7ELP/CgXlqD41J6NQA== =qsME -----END PGP PUBLIC KEY BLOCK----- ----------------------------------------------------------------------------------------------------------------- The information contained in this message is confidential and is intended for the addressee(s) only. If you have received this message in error or there are any problems please notify the originator immediately. The unauthorized use, disclosure, copying or alteration of this message is strictly forbidden. Baltimore Technologies plc will not be liable for direct, special, indirect or consequential damages arising from alteration of the contents of this message by a third party or as a result of any virus being passed on. In addition, certain Marketing collateral may be added from time to time to promote Baltimore Technologies products, services, Global e-Security or appearance at trade shows and conferences. This footnote confirms that this email message has been swept by Baltimore MIMEsweeper for Content Security threats, including computer viruses.
Current thread:
- Word Macros & file sharing? Meritt James (Mar 15)
- Re: Word Macros & file sharing? Nelson Brito (Mar 15)
- Re: Word Macros & file sharing? Marius Huse Jacobsen (Mar 15)
- Re: Word Macros & file sharing? Nelson Brito (Mar 16)
- Re: Word Macros & file sharing? H D Moore (Mar 15)
- <Possible follow-ups>
- Re: Word Macros & file sharing? Aviram Jenik (Mar 17)
- Re: Word Macros & file sharing? Pete Simpson (Mar 20)