msoffice Tag

Summary How Microsoft Word can be potentially dangerous on phishing scenario. Objective To exploit Microsoft Word Macro functionality to return a shell to a remote machine (attacker). Lets look at Microsoft Word and effectively the Macro functionality can be taken to our advantage in phishing scenario.  This attack is...

Summary How a simple Dynamic Data Exchange (DDE) can be vicious and leave users open to attack! Objective To exploit Excel's DDE functionality to return a shell to a remote machine (attacker). This week I wished to demonstrate how using the standard functionality in excel, it would be possible...