Webinar Takeaway: Abusing Microsoft Office for Post-Exploitation
My key takeaways putting a wll file (which is a renamed dll) in a "trusted location" will be executed on start up M$ Word In Excel it doesn’t work this easy with xll‘s as disabled by default But Excel Add-in’s (XLA/XLAM) will be executed in trusted locations rewriting the default templates for Word or Excel
Read More