Skip to content

med0x2e/genxlm

master
Switch branches/tags
Code

Latest commit

 

Git stats

Files

Permalink
Failed to load latest commit information.
Type
Name
Latest commit message
Commit time
 
 
 
 
 
 
 
 
 
 

Description


Just a simple script to generate JScript code for calling Win32 API functions using XLM/Excel 4.0 macros via Excel.Application COM object and "ExecuteExcel4Macro" method.

The script will generate a simple payload for performing a very basic shellcode injection by calling VirtualAlloc -> WriteProcessMemory -> CreateThread (just a poc, better options can be considered.)

Usage


-o string output payload filename
-sh string Shellcode file path, ex: go run genXLM.go -sh shellcode.bin
-wsh string payload template js/hta, ex: go run genXLM.go -sh shellcode.bin -wsh js

Detection:


Currently not detected on VT;

Details:


Generate a simple JS using go run genXLM.go -sh shellcode.bin -wsh js and have a look at the generated js code "self-descriptive".

Check calc.hta, calc.js for examples. shellcode was generated using msfvenom.

References:


Disclaimer:


Use it for authorized red teaming and/or nonprofit educational purposes only. Any misuse of this script will not be the responsibility of the author. Use it at your own networks and/or with the network owner's permission.

About

A simple script to generate JScript code for calling Win32 API functions using XLM/Excel 4.0 macros via Excel.Application "ExecuteExcel4Macro"

Resources

License

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published

Languages