Open ghost opened 7 years ago
The process is pretty straightforward: you simply set your payload in the appropriate JSON config file. Once that's done, execute the program, which will return a VBA file, which is the final macro that needs to be added to the document. That's pretty much it.
```json
{
    "description": "Command exec payload using WMI Win32_Process class\nEvasion technique set to check running process",
    "template": "templates/payloads/wmi-evasion-process-template.vba",
    "varcount": 150,
    "encodingoffset": 4,
    "chunksize": 200,
    "encodedvars": {
        "PROCESS_NAME": "outlook.exe"
    },
    "vars": [],
    "evasion": ["encoder", "process"],
    "payload": "cmd.exe /c whoami"
}
```
The last line of the configuration file "payload":"" is where you place your payload. The rest of the configuration can remain unchanged.
It gives an error if I include a payload to call a file from WebDAV. So \ breaks the config file inside the payload.
Demo!! Please, for the whole process.