Search the Community

Malicious docx generator to exploit CVE-2021-40444 (Microsoft Office Word Remote Code Execution) Creation of this Script is based on some reverse engineering over the sample used in-the-wild: 938545f7bbe40738908a95da8cdeabb2a11ce2ca36b0f6a74deda9378d380a52 (docx file) You need to install lcab first (sudo apt-get install lcab) Check REPRODUCE.md for manual reproduce steps If your generated cab is not working, try pointing out exploit.html URL to calc.cab Finally try the docx in a Windows Virtual Machine: [hide][Hidden Content]]

Any PDF Password Recovery 11.8 Recover, Crack, Unlock PDF User/Open Password Leading, advanced and efficient PDF Password Recovery software can quickly recover any lost, forgotten or unknown password for Adobe PDF documents. Any Excel Password Recovery 11.8 Recover, Remove, Crack, Break or Unlock Excel Password Best Excel Password Recovery software helps you recover your lost or forgotten password from Microsoft Excel 2019/2017/2016/2013/2010/2007. Any RAR Password Recovery 11.8 Recover Any Lost or Forgotten Password for RAR/WinRAR Archives Leading RAR Password Unlocker tool recovers password for all kinds of encrypted RAR/WinRAR Archives without losing data. Any ZIP Password Recovery 11.8 Recover Any Lost or Forgotten Password for ZIP/WinZIP/7ZIP/PKZIP Archives Any Word Password Recovery 11.8 Recover and Crack Password for Microsoft Office Word Documents Advanced, safe and reliable MS Word Password Recovery software helps you recover your lost, forgotten or unknown Word password and crack opening password protected Microsoft Word files (*.doc and *.docx) quickly. Any PowerPoint Password Recovery 11.8 Recover, Crack, Unlock Open Password for Encrypted Microsoft PowerPoint Presentation Leading PowerPoint Password Recovery software helps you crack and recover lost, forgotten or unknown open password for Microsoft PowerPoint slide presentation. [Hidden Content] [hide][Hidden Content]]

EvilOffice v1.0 - Inject Macro and DDE code into Excel and Word documents (reverse shell) Features: Inject malicious Macro on formats: docm, dotm, xlsm, xltm Inject malicious DDE code on formats: doc, docx, dot, xls, xlsx, xlt, xltx Python2/Python3 Compatible Tested: Win10 (MS Office 14.0) Requirements: Microsoft Office (Word/Excel) pywin32: python -m pip install -r requirements.txt Forwarding requirements: Ngrok Authtoken (for TCP Tunneling): Sign up at: [Hidden Content] Your authtoken is available on your dashboard: [Hidden Content] Install your auhtoken: ./ngrok authtoken <YOUR_AUTHTOKEN> [HIDE][Hidden Content]]

When a Microsoft Word ".docx" File contains a hyperlink to another file, it will run the first file it finds in that directory with a valid extension. But will present to the end user an extension-less file in its Security warning dialog box without showing the extension type. If another "empty" file of the same name as the target executable exists but has no file extension. Because the extension is suppressed it makes the file seem harmless and the file can be masked to appear as just a folder etc. This can potentially trick user into running unexpected code, but will only work when you have an additional file of same name with NO extension on it. View the full article