BadOutlook is a simple PoC which leverages the Outlook Application Interface (COM Interface) to execute shellcode on a system based on a specific trigger subject line.
By utilizing the Microsoft.Office.Interop.Outlook
namespace, developers can represent the entire Outlook Application (or at least according to Microsoft). This means that the new application should be able to do anything from reading emails (yes this also includes archives, trash, etc.) to sending them out.
Building on the millions of pre-existing C# shellcode loaders, an email with a trigger subject line and base64 encoded shellcode in the body can be sent to the host with a weaponized instance of this program. The program will then read the email and execute the shellcode embedded in the email.
Additional Notes
PoC
This repository contains tools created by yogSahare0 while learning Python 3 for ethical hacking and penetration testing.…
"NetSecChallenger" provides a suite of automated tools designed for security professionals and network administrators to…
The essential tool for cybersecurity enthusiasts! This guide provides a detailed walkthrough on how to…
Meet "Poodone," the ultimate Python script designed for cybersecurity enthusiasts and professionals alike. Packed with…
The Linux version is no longer supported! The last Linux version is 6.0 that you…
Jin is a hacking command-line tools designed to make your scan port, gathering urls, check…