spoofing-office-macro icon indicating copy to clipboard operation
spoofing-office-macro copied to clipboard

Published 20 hours ago verified publisher icon christophetd

Metadata

:fish: PoC of a VBA macro spawning a process with a spoofed parent and command line.

Results 5 spoofing-office-macro issues
Sort by recently updated
recently updated
newest added

PoC no longer works

4 comment

Is this dead project? When I run macro on Windows 10, it will not work...

kaze-nomamani avatar kaze-nomamani

bug

Cant work

8 comment

Hi I fix the issues and tried in 32bit and 64bit office at Windows10 Environment But I found `result = NtQueryInformationProcess(newProcessHandle, 0, pbi, Len(pbi), size)` doesn't work. the result is...

Airboi avatar Airboi

bug

Same issue as the others

I have the same issue as the others. A buffer overflow at ` result = NtQueryInformationProcess(newProcessHandle, 0, pbi, Len(pbi), size)`

Awaces avatar Awaces

Create macro2for1.vba

made a macro that combined the two macros so it works for both x64 and x86 now.

WingsOfDoom avatar WingsOfDoom

64 bit implementation - updated formatting to match macro.vba

1 comment

As the title suggests, I spent some time updating macro64.vba (by @py7hagoras, originally here: #5) to make it a bit easier to compare with macro.vba. This is pretty much entirely...

xorcat avatar xorcat

Metadata

372
Stars
87
Forks
Watchers

Owner

verified publisher icon christophetd

Metadata

:fish: PoC of a VBA macro spawning a process with a spoofed parent and command line.

Back