
RedTeam With Publisher

Windows Initial Vector Series

28 April 2022, 18:22, by Emeric Nasi



License : Copyright Emeric Nasi (@EmericNasi), some rights reserved
This work is licensed under a Creative Commons Attribution 4.0 International License.

1. Foreword

Microsoft Publisher is another tool in the Office suite that is often ignored when RedTeaming.
However, it has been used successfully in several malware campaigns (examples here). Indeed,
Publisher has significant offensive potential, as it can both:

  • Execute VBA code; and
  • Embed files

Let’s review how those work as well as the pros and cons of using a Publisher document as an initial RedTeam payload.

Note: Examples in this document rely on MacroPack Pro by BallisKit. MP Pro is a commercial tool for legal RedTeam use only. After reading this post, you should be able to reproduce those examples manually even if you don’t have MacroPack Pro.

Contact information:

Please open the PDF below to read the full article.

PDF - 623.4 kb