My first post regarding this malicious Microsoft Office document generator was about an older version. However a few hours ago, an update was released - Luckystrike 2.0! Major highlights for this awesome release include full support for Microsoft Word in addition to a new COM scriptlet payload and Excel DDE infection support. Along with this, support for Invoke-Obfuscation is inbuilt! Read more about UPDATE: Luckystrike 2.0!
An older post of mine - MicroSploit dealt with generating backdoored documents for the Office platform. This post is about another open source framework, called WinPayloads which helps you create custom malicious payloads for the Microsoft Windows operating system. Read more about WinPayloads: Generate Undetectable Windows Payloads!
Close on the heels of my earlier post about MicroSploit, the Microsoft Office Exploitation Toolkit, that was on the *NIX platform, this post is about Luckystrike, a malicious Microsoft Office malicious document generator on Microsoft's very own Windows platform. Read more about Luckystrike: An Malicious Office Document Generator!
This is a short post about MicroSploit, an open source toolkit that helps you create custom office platform based backdoors using the Metasploit framework and the different payloads it supports.It is a simple bash script that uses command line inputs and Zenity for creating GTK+ dialog boxes to accept additional input. As of now, MicroSploit supports the creation of backdoors for the following platforms:MS12-027 MSCOMCTL ActiveX Buffer Overflow Microsoft Office Word Malicious Read more about MicroSploit: The Office Exploitation Toolkit!