Forum Thread: Exploits for Office 2003 or Windows 7 SP1

Is there any exploits that could be embeded into a simple picture or office/document type file that would work with Office 2003 Windows 7 SP1 updated? I know there is a RTF exploit for word 2003, but it does not work if the computer has been patched to SP1.

I searched the database but did not find them, I did see a
TIFF exploit, but I was not sure how to use it.

I also saw, Microsoft Word 2003 - Record Parsing Buffer Overflow (MS09-027) (Metasploit)

Anyone has any tips?

Thanks

2 Responses

use a powershell attack vector with a meterpreter payload, that has been encoded using veil, that you can embed in any office doc using vbs scripts. name the doc something that warrents curiosity and blamo you're in. there are a couple of tutorials on doing what I just suggested floating around here somewhere. google is your friend

yes but that requires the victim to enable macro's ... I want something they can just double click.

Share Your Thoughts

  • Hot
  • Active