Mirrors/hacktricks
2
0
Fork 0
mirror of https://github.com/carlospolop/hacktricks synced 2025-02-16 14:08:26 +00:00
Code Issues Projects Releases Packages Wiki Activity

GITBOOK-4330: No subject

Browse source
This commit is contained in:
CPol 2024-05-07 11:01:46 +00:00 committed by gitbook-bot
parent fe11b16c68
commit 19e882712e
No known key found for this signature in database
GPG key ID: 07D2180C7B12D0FF
1 changed files with 3 additions and 3 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

6
pentesting-web/formula-csv-doc-latex-ghostscript-injection.md
View file

@ -16,7 +16,7 @@ Other ways to support HackTricks:
**Try Hard Security Group**
<figure><img src="/.gitbook/assets/telegram-cloud-document-1-5159108904864449420.jpg" alt=""><figcaption></figcaption></figure>
<figure><img src="../.gitbook/assets/telegram-cloud-document-1-5159108904864449420.jpg" alt=""><figcaption></figcaption></figure>
{% embed url="https://discord.gg/tryhardsecurity" %}
@ -75,7 +75,7 @@ In specific configurations or older versions of Excel, a feature called Dynamic
When a spreadsheet with the malicious payload is opened (and if the user accepts the warnings), the payload is executed. For example, to launch the calculator application, the payload would be:
```markdown
`=cmd|' /C calc'!xxx`
=cmd|' /C calc'!xxx
```
Additional commands can also be executed, such as downloading and executing a file using PowerShell:
@ -219,7 +219,7 @@ From [@EdOverflow](https://twitter.com/intigriti/status/1101509684614320130)
**Try Hard Security Group**
<figure><img src="/.gitbook/assets/telegram-cloud-document-1-5159108904864449420.jpg" alt=""><figcaption></figcaption></figure>
<figure><img src="../.gitbook/assets/telegram-cloud-document-1-5159108904864449420.jpg" alt=""><figcaption></figcaption></figure>
{% embed url="https://discord.gg/tryhardsecurity" %}