![]() Defenders are aware of this and more often than not deploy active counter-measures which greatly hinder macro usability during engagements. Due to the wide application and possibilities of task automation, it’s not a surprise that attackers like to automate their own “tasks” as well. Macros are a feature which allow for task automation within the Microsoft Office suite. As a result, I decided to expand on the original idea a little bit and share my thought process with others. Weirdly enough, I wasn’t able to find any further information about it, except for a 2015 blogpost from Hexacorn. I first heard about this topic myself on Flangvik’s stream, where he briefly mentioned this method. ![]() LNK trigger keys as a means of achieving initial access and persistence. REDTEAM Abusing LNK "Features" for Initial Access and Persistence Preface
0 Comments
Leave a Reply. |