Heiko Reese hreese

## Various-Macro-Based-RCEs.md

      
              1 file
            
          
              0 forks
            
          
              0 comments
            
          
              0 stars
            
          
                hreese
                / Various-Macro-Based-RCEs.md
            
            
              Created
              February 14, 2020 02:01
                — forked from mgeeky/Various-Macro-Based-RCEs.md
            
              
                Various Visual Basic Macros-based Remote Code Execution techniques to get your meterpreter invoked on the infected machine.
              
          
    This is a note for myself describing various Visual Basic macros construction strategies that could be used for remote code execution via malicious Document vector.
Nothing new or fancy here, just a list of techniques, tools and scripts collected in one place for a quick glimpse of an eye before setting a payload.
All of the below examples had been generated for using as a remote address: 192.168.56.101.
List:

Page substiution macro for luring user to click Enable Content
The Unicorn Powershell based payload


## ssh-keygen
#Read multiple keys from an authorized_keys file and print the finger print

[root@server01 .ssh]# while read line; do ssh-keygen -l -f /dev/stdin <<< $line; done < authorized_keys
2048 87:7a:4d:70:d2:10:a4:4b:b7:e1:2b:7c:77:92:25:04 /dev/stdin (RSA)
2048 7d:f0:89:94:00:09:bc:70:46:59:8d:9a:70:3b:ac:70 /dev/stdin (RSA)
2048 61:63:ee:0d:f6:d2:d8:d6:ae:37:0c:35:ae:da:51:6a /dev/stdin (RSA)

#read a key from authorized key file
[root@server01 .ssh]# ssh-keygen -l -f authorized_keys
2048 87:7a:4d:70:d2:10:a4:4b:b7:e1:2b:7c:77:92:25:04 authorized_keys (RSA)

## fontawesome.sty
% FontAwesome (http://fortawesome.github.com/Font-Awesome/) bindings for (Xe)LaTeX
% Author: Honza Ustohal <honza@egoistic.biz>
%
% Translation of FontAwesome's private range characters into XeTeX symbols. All icons are camel-cased and prefixed with 'fa', i.e. what was .icon-align-center the CSS version of FontAwesome becomes \faAlignCenter
% This might be reworked into a full blown package in the near future
%
% Prerequisite:
% XeLaTeX, FontAwesome installed as a system font accessible by XeLaTeX
%
% Usage:
	#Read multiple keys from an authorized_keys file and print the finger print

	[root@server01 .ssh]# while read line; do ssh-keygen -l -f /dev/stdin <<< $line; done < authorized_keys
	2048 87:7a:4d:70:d2:10:a4:4b:b7:e1:2b:7c:77:92:25:04 /dev/stdin (RSA)
	2048 7d:f0:89:94:00:09:bc:70:46:59:8d:9a:70:3b:ac:70 /dev/stdin (RSA)
	2048 61:63:ee:0d:f6:d2:d8:d6:ae:37:0c:35:ae:da:51:6a /dev/stdin (RSA)

	#read a key from authorized key file
	[root@server01 .ssh]# ssh-keygen -l -f authorized_keys
	2048 87:7a:4d:70:d2:10:a4:4b:b7:e1:2b:7c:77:92:25:04 authorized_keys (RSA)
	% FontAwesome (http://fortawesome.github.com/Font-Awesome/) bindings for (Xe)LaTeX
	% Author: Honza Ustohal <honza@egoistic.biz>
	%
	% Translation of FontAwesome's private range characters into XeTeX symbols. All icons are camel-cased and prefixed with 'fa', i.e. what was .icon-align-center the CSS version of FontAwesome becomes \faAlignCenter
	% This might be reworked into a full blown package in the near future
	%
	% Prerequisite:
	% XeLaTeX, FontAwesome installed as a system font accessible by XeLaTeX
	%
	% Usage: