Eviloffice : Inject Macro & DDE Code Into Excel & Word Documents

Eviloffice is a tool used to inject macro and DDE code into Excel and Word documents (reverse shell).

Features

Inject malicious Macro on formats: docm, dotm, xlsm, xltm
Inject malicious DDE code on formats: doc, docx, dot, xls, xlsx, xlt, xltx
Python2/Python3 Compatible
Tested: Win10 (MS Office 14.0)

Requirements

Microsoft Office (Word/Excel)
pywin32: python -m pip install -r requirements.txt

Also Read – Guardedbox : Online Client-Side Manager For Secure Storage & Secrets Sharing

Forwarding Requirements

Ngrok Authtoken (for TCP Tunneling): Sign up at: https://ngrok.com/signup
Your authtoken is available on your dashboard: https://dashboard.ngrok.com
Install your auhtoken: ./ngrok authtoken

Usage

git clone https://github.com/thelinuxchoice/eviloffice
cd eviloffice
python -m pip install -r requirements.txt
python eviloffice.py

Disclaimer

Usage of EvilOffice for attacking targets without prior mutual consent is illegal. It’s the end user’s responsibility to obey all applicable local, state and federal laws. Developers assume no liability and are not responsible for any misuse or damage caused by this program.

Related

Unicorn – Downgrade Attack & Inject Shellcode Straight into Memory

July 13, 2018

In "Kali Linux"

Camelishing – Social Engineering Tool

July 24, 2018

In "Kali Linux"

EvilClippy : For Creating Malicious MS Office Documents

May 3, 2019

In "Kali Linux"

R K

Next Ligolo : Reverse Tunneling Made Easy For Pentesters »

Previous « Inshackle : Instagram Hacks

Share

Published by

R K

Tags: DDE CodeEvilofficeExcelMicrosoftMicrosoft ExcelMicrosoft WordWord

6 years ago

Recent Posts

Cyber security

How AI Puts Data Security at Risk

Artificial Intelligence (AI) is changing how industries operate, automating processes, and driving new innovations. However,…

2 weeks ago

TECH

The Evolution of Cloud Technology: Where We Started and Where We’re Headed

Image credit:pexels.com If you think back to the early days of personal computing, you probably…

2 weeks ago

TECH

The Evolution of Online Finance Tools In a Tech-Driven World

In an era defined by technological innovation, the way people handle and understand money has…

2 weeks ago

OSINT

A Complete Guide to Lenso.ai and Its Reverse Image Search Capabilities

The online world becomes more visually driven with every passing year. Images spread across websites,…

2 weeks ago

Cyber security

How Web Application Firewalls (WAFs) Work

General Working of a Web Application Firewall (WAF) A Web Application Firewall (WAF) acts as…

2 months ago

Linux

How to Send POST Requests Using curl in Linux

How to Send POST Requests Using curl in Linux If you work with APIs, servers,…

2 months ago

L