infosecn1nja
/
metasploit-framework
mirror of https://github.com/infosecn1nja/metasploit-framework.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Add doc for openoffice_document_macro

bug/bundler_fix
wchen-r7 2017-02-08 16:41:42 -06:00
parent 047a9b17cf
commit 3e2e15c7b8
1 changed files with 59 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

59
documentation/modules/exploit/multi/misc/openoffice_document_macro.md Normal file
View File

@ -0,0 +1,59 @@
## Description
This module generates an Apache OpenOffice Text Document with a malicious macro in it. It also
works against LibreOffice.
For exploit successfully, the targeted user must adjust the security level in Macro Security to
either Medium or Low. If set to Medium, a prompt is presented to the user to enable or disable the
macro. If set to Low, the macro can automatically run without any warning.
## Vulnerable Application
* Apache OpenOffice
* LibreOffice
## Verification Steps
To use this exploit, you must know the platform of the targeted user. The module supports either
Windows, Linux, and OSX. If the target is using Windows, then the exploit will generate the macro
with malicious Powershell code inside. For other supported platforms, the exploit will generate
Python code.
An example of using this module against Windows:
1. Start msfconsole
2. ```use exploit/multi/misc/openoffice_document_macro```
3. ```set target 0```
4. ```set payload windows/meterpreter/reverse_tcp```
5. ```exploit```
An example of using this module against Linux or OSX:
1. Start msfconsole
2. ```use exploit/multi/misc/openoffice_document_macro```
3. ```set target 1```
4. ```set payload python/meterpreter/reverse_tcp```
5. ```exploit```
Once started, the module will mainly do these things:
1. It will start a payload handler.
2. It will start a web server. This is used for the macro to download and execute our final payload.
3. The malicious odt file. Send this to your targeted user.
## Options
**BODY**
This option can be used to insert text to the malicious document.
## Modification
Since social engineering will play a big part in the success of the attack, you will most likely
want to modify the odt file.
1. To do so, first use msfconsole to generate the malicious odt file.
2. Move the odt file to a system that has OpenOffice or LibreOffice
3. You can just use OpenOffice/LibreOffice to edit the file. Make sure you don't modify the macro
code unless you actually know what you're doing.