Description: <div style="text-align: justify;">Keith Lee has written a script which injects a meterpreter shell into an excel file. According to his submission: XLSInjector injects meterpreter shell to excel xls files (Port 4444) This only works on Windows. You need to enable Trust to VB Project under Macro Security in Excel to generate the malicious excel file You need to set macro security settings to Low for the exploit to work. You can social engineer your target to enable macro settings by creating a excel file with embedded flash games or fortune telling that 'require macro settings'. You can find my blog post here. <br><br>Thanks go out to Keith for submitting this video to SecurityTube. <br></div><br>
Tags: basics ,
Disclaimer: We are a infosec video aggregator and this video is linked from an external website. The original author may be different from the user re-posting/linking it here. Please do not assume the authors to be same without verifying.