Eviloffice – Inject Macro And DDE Code Into Excel And Word Documents (Reverse Shell)

Win python script to inject Macro and DDE code into Excel and Word documents (reverse shell)

Features:

  • Inject malicious Macro on formats: docm, dotm, xlsm, xltm
  • Inject malicious DDE code on formats: doc, docx, dot, xls, xlsx, xlt, xltx
  • Python2/Python3 Compatible

Tested: Win10 (MS Office 14.0)

Requirements:

  • Microsoft Office (Word/Excel)
  • pywin32: python -m pip install -r requirements.txt

Forwarding requirements:

  • Ngrok Authtoken (for TCP Tunneling): Sign up at: https://ngrok.com/signup
  • Your authtoken is available on your dashboard: https://dashboard.ngrok.com
  • Install your auhtoken: ./ngrok authtoken <YOUR_AUTHTOKEN>

Legal disclaimer:
Usage of EvilOffice for attacking targets without prior mutual consent is illegal. It’s the end user’s responsibility to obey all applicable local, state and federal laws. Developers assume no liability and are not responsible for any misuse or damage caused by this program

Usage:

git clone https://github.com/thelinuxchoice/eviloffice
cd eviloffice
python -m pip install -r requirements.txt
python eviloffice.py

Author: github.com/thelinuxchoice/eviloffice
Twitter: twitter.com/linux_choice

Download Eviloffice
Original Source