Exploiting Microsoft Office and delivering a payload using Microsoft DDE

Windows provides several methods for transferring data between applications. One method is to use the Dynamic Data Exchange (DDE) protocol. The DDE protocol is a set of messages and guidelines. It sends messages between applications that share data and uses shared memory to exchange data between applications. Applications can use the DDE protocol for one-time … Read moreExploiting Microsoft Office and delivering a payload using Microsoft DDE

Attack Simulation: Malicious Office Document (Metasploit)

This module generates a macro-enabled Microsoft Office Word document (docm). It does not target a specific CVE or vulnerability, instead it’s more of a feature-abuse in Office, and yet it’s still a popular type of social-engineering attack such as in ransomware. By default, the module uses a built-in Office document (docx) as the template. It … Read moreAttack Simulation: Malicious Office Document (Metasploit)