carnal0wnage and Attack Research join forces!

I'm happy to announce that carnal0wnage and Attack Research have joined blog forces!

the new home for the blog will be:

http://carnal0wnage.attackresearch.com/

please point your RSS readers to the new location and enjoy

With the new blog is the ability for a few more people to post. If you want to contribute please email c0arblog@attackresearch.com

-CG

Sunday, January 4, 2009

MSF VBA payload Demo

Pretty good demo by Mark Baggett using the MSF Payload with VBA output and creating a malicious word document.

http://markremark.blogspot.com/2009/01/metasploit-visual-basic-payloads-in.html

Its a shame everyone can do this now, its been ol'reliable for quite awhile :-(

Digg this

Posted by CG at 10:30 PM

Labels: , ,

4 comments:

Anonymous said...

Hi, I tried this method an dit works fine. But there still a problem. The macros are not enabled by default. Is there any way to bypass this by forcefully enabling macros when doc file is opened????

January 6, 2009 2:14 AM
CG said...

probably not as macro behavior will be set by group policy for the whole domain and the default settings will be to prompt the user.

dont worry, plenty of people will go ahead and run that macro for you.

January 6, 2009 6:38 AM
abhi said...

Ok. Anyway thanks for great post!!!

Regards
Abhi

January 6, 2009 6:54 AM
abhi said...

HI,

few days back vba created by msfpayload were working fine. But after an update when I paste the macros in office it displays "out of memory".

It was the same payload I used before. CAn you help me in this????

January 16, 2009 1:34 PM

Post a Comment

Subscribe to: Post Comments (Atom)