
Sep 30, 2009

XLSInjector

Injecting Meterpreter into Excel files using XLSInjector

By Milo2012

I have just written a new script that injects a Meterpreter shell into an Excel file.
This will speed up the pentesting process of embedding malicious VBA scripts in Excel files.
For this script to work, you will need Windows, Microsoft Excel, Perl and the Perl module Win32::OLE.
To install the Perl module Win32::OLE (take note that it is case sensitive):
C:\> CPAN
cpan> install Win32::OLE
To run the script, simply type:
[If you want it to download an Excel file from the web]
C:\> perl xlsinjector.pl -u http://website/excel.xls -o 1234.xls
[If you want it to use a local Excel file, put the Excel file in the same folder as the script]
C:\> perl xlsinjector.pl -i excel.xls -o 1234.xls
The -o argument is optional.

Video:
Download: http://videos.securitytube.net/Injecting-Meterpreter-into-Excel-files-using-XLSInjector.mp4
View: http://securitytube.net/Injecting-Meterpreter-into-Excel-files-using-XLSInjector-video.aspx

# ITS ©
# 2008 - 2009

Session Hijacking


Session hijacking is the act of taking control of a user session after successfully obtaining or generating an authentication session ID. Session hijacking involves an attacker using captured, brute-forced or reverse-engineered session IDs to seize control of a legitimate user's Web application session while that session is still in progress.



Clickjacking


Clickjacking is the process of hijacking a user's click in a web browser and redirecting it to perform an entirely different action from the one the user intended. This is done by creating a visual illusion in which the user cannot see the real item he is clicking and is instead made to believe that he is clicking something entirely different.


A hacker accomplishes this by creating a transparent iframe which contains the target page, in which there is an item he wants the victim to click. He then embeds this iframe into a malicious page controlled by him. When a user visits this malicious page, the hacker makes the iframe always hover under the user's mouse. As the iframe is transparent, the user is never able to see it and thus clicks on what appears to be one of the items in the malicious page. This click actually happens on the target item, in the target page. Thus the user is tricked into clicking something he never meant to.
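
Whether the target page can be loaded in such an iframe is decided by the target page's own response headers: X-Frame-Options, or the frame-ancestors directive of Content-Security-Policy. The following is an added example, not part of the original post, that audits a response's headers for those protections; the function names and the sample responses are constructed for illustration.

```javascript
// Added example (not from the original page): audit response headers for
// anti-framing protection. The sample responses at the bottom are constructed.

function frameAncestors(csp) {
  // Return the frame-ancestors source list, or null when the directive is absent.
  for (const directive of csp.split(';')) {
    const [name, ...sources] = directive.trim().split(/\s+/);
    if (name.toLowerCase() === 'frame-ancestors') return sources;
  }
  return null;
}

function framingVerdict(headers) {
  // Header names are case-insensitive, so normalise them before lookup.
  const h = {};
  for (const [k, v] of Object.entries(headers)) h[k.toLowerCase()] = String(v);

  const sources = frameAncestors(h['content-security-policy'] || '');
  if (sources !== null) {
    // When frame-ancestors is present, browsers that enforce it ignore
    // X-Frame-Options. An empty source list behaves like 'none'.
    const open = sources.some(s => ['*', 'http:', 'https:'].includes(s.toLowerCase()));
    return open
      ? { guarded: false, reason: 'frame-ancestors allows any origin' }
      : { guarded: true, reason: 'frame-ancestors restricts embedding' };
  }
  // default-src does not fall back to frame-ancestors, so a CSP without that
  // directive gives no framing protection; X-Frame-Options is checked instead.
  const xfo = (h['x-frame-options'] || '').trim().toUpperCase();
  if (xfo === 'DENY' || xfo === 'SAMEORIGIN') {
    return { guarded: true, reason: 'X-Frame-Options ' + xfo };
  }
  // Missing, malformed and obsolete ALLOW-FROM values are reported as unguarded.
  return { guarded: false, reason: xfo ? 'X-Frame-Options not honoured: ' + xfo : 'no anti-framing header' };
}

// Constructed sample responses, one per case a review typically meets.
const SAMPLES = [
  {},
  { 'X-Frame-Options': 'SAMEORIGIN' },
  { 'X-Frame-Options': 'ALLOW-FROM https://partner.example' },
  { 'Content-Security-Policy': "default-src 'self'" },
  { 'Content-Security-Policy': "default-src 'self'; frame-ancestors 'none'" },
];
for (const s of SAMPLES) console.log(JSON.stringify(s), '->', framingVerdict(s).reason);
```

A Content-Security-Policy-Report-Only header or a CSP delivered in a meta tag does not enforce frame-ancestors, which is why only the enforcing response header is read here.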

