Exemplo n.º 1
0
def handleOfficeFormats(mpSession):
    """
    Handle MS Office output formats generation
    """
    if mpSession.stealth == True:
        if mpSession.outputFileType in MSTypes.MS_OFFICE_FORMATS:
            # Add a new empty module to keep VBA library if we hide other modules
            # See http://seclists.org/fulldisclosure/2017/Mar/90
            genericModule = mp_module.MpModule(mpSession)
            genericModule.addVBAModule("")
        else:
            logging.warn(
                " [!] Stealth option is not available for the format %s" %
                mpSession.outputFileType)

    # Shall we trojan existing file?
    if mpSession.trojan == False:
        if MSTypes.XL in mpSession.outputFileType:
            generator = ExcelGenerator(mpSession)
            generator.run()
        elif MSTypes.WD in mpSession.outputFileType:
            generator = WordGenerator(mpSession)
            generator.run()
        elif MSTypes.PPT in mpSession.outputFileType:
            generator = PowerPointGenerator(mpSession)
            generator.run()
        elif MSTypes.MPP == mpSession.outputFileType:
            generator = MSProjectGenerator(mpSession)
            generator.run()
        elif MSTypes.VSD in mpSession.outputFileType:
            generator = VisioGenerator(mpSession)
            generator.run()
        elif MSTypes.PUB == mpSession.outputFileType and MP_TYPE == "Pro":
            generator = PublisherGenerator(mpSession)
            generator.run()
    else:
        if MSTypes.XL in mpSession.outputFileType:
            if os.path.isfile(mpSession.outputFilePath):
                generator = ExcelTrojan(mpSession)
                generator.run()
            else:
                generator = ExcelGenerator(mpSession)
                generator.run()
        if MSTypes.WD in mpSession.outputFileType:
            if os.path.isfile(mpSession.outputFilePath):
                generator = WordTrojan(mpSession)
                generator.run()
            else:
                generator = WordGenerator(mpSession)
                generator.run()
        if MSTypes.PPT in mpSession.outputFileType:
            if os.path.isfile(mpSession.outputFilePath):
                generator = PptTrojan(mpSession)
                generator.run()
            else:
                generator = PowerPointGenerator(mpSession)
                generator.run()
        if MSTypes.VSD in mpSession.outputFileType:
            if os.path.isfile(mpSession.outputFilePath):
                generator = VisioTrojan(mpSession)
                generator.run()
            else:
                generator = VisioGenerator(mpSession)
                generator.run()

        if MSTypes.MPP in mpSession.outputFileType:
            if os.path.isfile(mpSession.outputFilePath):
                generator = MsProjectTrojan(mpSession)
                generator.run()
            else:
                generator = MSProjectGenerator(mpSession)
                generator.run()

    if mpSession.stealth == True:
        obfuscator = Stealth(mpSession)
        obfuscator.run()

    if mpSession.ddeMode:  # DDE Attack mode
        if MSTypes.WD in mpSession.outputFileType:
            generator = WordDDE(mpSession)
            generator.run()
        elif MSTypes.XL in mpSession.outputFileType:
            generator = ExcelDDE(mpSession)
            generator.run()
        else:
            logging.warn(
                " [!] Word and Word97 are only format supported for DDE attacks."
            )