Points: 20 Category: Forensics
What could go wrong if we let Word documents run programs? (aka "in-the-clear"). Download file.
I watched about 3 minutes of the video. The description and the video are both pointing towards macros which are potentially malicious programs which is a wonderful feature for hackers!
After opening the file in Microsoft word, I navigated to view, and macros.
Here is a better explanation on how to view macros.
Inside the macros, this code is found:
Sub runpython()
Dim Ret_Val
Args = """" '"""
Ret_Val = Shell("python -c 'print(\"cGljb0NURnttNGNyMHNfcl9kNG5nM3IwdXN9\")'" & " " & Args, vbNormalFocus)
If Ret_Val = 0 Then
MsgBox "Couldn't run python script!", vbOKOnly
End If
this string looks promising.
It looks like base 64