Remote Template Injection

Introduction

Microsoft Word has the option to create documents using a template. Whenever a Word documents with a template is being written / read, the template can either be wordloaded/loaded from the local, or a remote machine. Whenever the victim opens the Word Document, the Document will fetch the malicious template from the attacker's server, and execute it.

https://blog.sunggwanchoi.com/remote-template-injection/

Crating the Template

We can use the tool remoteinjector to automate the process so we don't have to update any XML.

OPSEC

PreviousVisual Basic Macro (VBA)NextSCR File Attack

Last updated