Friday, November 14, 2008

Link: Writing malicious maros using metasploit

Good blog post over at securiteam on using the exe2vba portion of metasploit to embed malicious code into office documents. Fun!

http://blogs.securiteam.com/index.php/archives/1161

of course those attacks can be mitigated with proper group policy but most places "need their macros!" so enjoy the pwnings.
at

3 comments:

  1. AnonymousNovember 15, 2008 at 4:47 PM

    HDM published this new Metasploit "feature" few days ago on Pen-Test mailing list:

    Click

    ReplyDelete
  2. Nathan KeltnerNovember 16, 2008 at 10:58 PM

    Using VBA in Word/Excel to run commands: http://blog.invisibledenizen.org/2008/11/on-vba-in-excel-and-word-documents.html

    To download files: http://blog.invisibledenizen.org/2008/11/vba-function-to-download-files.html

    Running commands as system: http://blog.invisibledenizen.org/2008/11/running-commands-as-system-from-vba-in.html

    Killing of antivirus: http://blog.invisibledenizen.org/2008/11/how-to-kill-antivirus-from-word-or.html

    Modifying the windows firewall: http://blog.invisibledenizen.org/2008/11/modifying-windows-firewall-rules-from.html

    ReplyDelete
  3. CGNovember 17, 2008 at 10:10 AM

    thanks for the links

    ReplyDelete