Description: In general macro is a series of commands or instructions that triggers automatically when the document is opened. Microsoft Word supports the use of macros to allow the automation of frequently performed tasks.So this feature provided by the microsoft can be used by the attacked for malicious purpose.If a vulnerability exists in the target system then the attacker can craft a malicious document that will bypass the macro security model. If the document was opened, this flaw could permit a malicious macro embedded in the document to be executed automatically and could create a session between the attacker and the victim.
This video demonistrates how the exploitation can be taken place in the case of Micorsoft Word document when macros are been enabled using the metasploit framework.
Tags: metasploit , microsft -word- document , exploitation ,
Disclaimer: We are a infosec video aggregator and this video is linked from an external website. The original author may be different from the user re-posting/linking it here. Please do not assume the authors to be same without verifying.