0x09AL/WordSteal 0x09AL/WordSteal

  • Stars
    star
    228
  • Rank 175,267 (Top 4 %)
  • Language
    Python
  • Created over 7 years ago
  • Updated over 1 year ago
Twitter logo Share LinkedIn logo Share Facebook logo Share
0x09AL/WordSteal
github

0x09AL

Reviews

There are no reviews yet. Be the first to send feedback to the community and the maintainers!

Repository Details

This script will create a POC that will steal NTML hashes from a remote computer. Do not use this for illegal purposes.The author does not keep responsibility for any illegal action you do.

WordSteal

This script will create a POC that will steal NTML hashes from a remote computer. Do not use this for illegal purposes.The author does not keep responsibility for any illegal action you do.

Microsoft Word has the ability to include images from remote locations.This is an undocumented feature but was found used by malware creators to include images through http for statistics.We can also include remote files to a SMB server and the victim will authenticate with his logins credentials. This is very useful during a pentest because allows you to steal credentials without triggering any alerts and most of the security apps do not detect this.

More Repositories

1

RdpThief

Extracting Clear Text Passwords from mstsc.exe using API Hooking.
C++
951
star
2

raven

raven is a Linkedin information gathering tool that can be used by pentesters to gather information about an organization employees using Linkedin.
Go
753
star
3

IIS-Raid

A native backdoor module for Microsoft IIS (Internet Information Services)
C++
488
star
4

DNS-Persist

DNS-Persist is a post-exploitation agent which uses DNS for command and control.
C++
197
star
5

CVE-2018-8174-msf

CVE-2018-8174 - VBScript memory corruption exploit.
Ruby
166
star
6

DropboxC2C

DropboxC2C is a post-exploitation agent which uses Dropbox Infrastructure for command and control operations.
Python
143
star
7

go-deliver

Go-deliver is a payload delivery tool coded in Go.
Go
116
star
8

CVE-2017-11882-metasploit

This is a Metasploit module which exploits CVE-2017-11882 using the POC released here : https://embedi.com/blog/skeleton-closet-ms-office-vulnerability-you-didnt-know-about.
Ruby
98
star
9

Browser-C2

Post Exploitation agent which uses a browser to do C2 operations.
Go
96
star
10

AzureCLI-Extractor

A tool to extract and abuse access tokens from AzureCLI for bypassing 2FA/MFA.
C#
43
star
11

RsaTokenExtractor

A simple toolkit on extracting RSA Software Tokens from RSA SecureID
C#
41
star
12

my-exploits

My public exploit collection.
Python
31
star
13

0x09al.github.io

Ruby
2
star