Object Linking and Embedding
Theory
Another popular client-side attack against Microsoft Office abuses Dynamic Data Exchange (DDE)1 to execute arbitrary applications from within Office documents,2 but this has been patched since December of 2017.3
However, we can still leverage Object Linking and Embedding (OLE)4 to abuse Microsoft Office's document-embedding feature.
In this attack scenario, we are going to embed a Windows batch file5 inside a Microsoft Word document.
- Create .bat file and copy the powershell code create in macro module
- Attach .bat file in new microsoft word insert>Object>Create from File
1. Select the .bat file
2. Below click
change icon option to change the warning icon to avoid detection
- nc -nvlp <port