Comments (2)
This is what microsoft said
https://support.microsoft.com/en-us/office/choose-between-the-64-bit-or-32-bit-version-of-office-2dee7807-8f95-4d0c-b5fe-6c6f49b8d261
And it is hard to know whether our pentesting goal is running on x64 or x86 office,so unicorn must be compatible for them allπ
from unicorn.
I have done some research.
Using x86 office 2010 to create macro payload is the best way.
There are a few reasons below
1.Office2010 was designed for win7(I used virtualbox on win10),where you can paste the payload without seeing the annoying windows defender's prompting window.
2.The payload that 2010 created can run well on 2003(they all are 32 bits and need to install extension on microsoft site) and 2007. When it comes to 2013,2016,2019,there are a compatible mode in them to view 2010's files.
3.It seemd that security in 2013 and higher was level-up,you might do more steps to create macro and create your phishing files(maybe microsoft dont want people abuse their product to create virus).However,everything is simple in 2010
4.The fake "broken file" message may be persuasive for the target.You can say it is old and any error in the file that 2010 created is possible......
That is what i want to say.
How about your opinions?
Do you have the same idea?
from unicorn.
Related Issues (20)
- meterpreter cannot use established connection
- when run in target I get a series of numbers listed in terminal and no shell HOT 1
- Powershell errors on execution HOT 2
- is it possible to execute custom payload created through proper coding can be injected through unicorn. HOT 1
- I am having issues getting my callbacks HOT 2
- Formatting troubles with Word/Excel VBA editor HOT 1
- Windows/download_exec HOT 1
- REQUEST - User input for AMSI Bypass and Decoded/Encoded Shell
- Can`t skip UC_ERR_READ_UNMAPPED
- the powershell script is detectable. HOT 7
- no more bypassing defender
- Logical Error in Help Section HOT 3
- Macro reverse_https is detected by Windows Defender. Is there a workaround for this?
- Do unicorn work with android payloads like android/meterpreter/reverse_tcp and if it do then how? HOT 1
- i have a problem with unicorn Also ensure your syntax for unicorn is correct. Missing IP address, HOT 2
- stuck at generating payload HOT 1
- Payload Gets Detected Even After Obfuscation in Windows 10. HOT 1
- No meterpreter being caught by handler HOT 1
- Powershell ERROR
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
π Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. πππ
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google β€οΈ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from unicorn.