A PowerShell based utility for the creation of malicious Office macro documents. To be used for pentesting or educational purposes only.
Luckystrike is a menu-drive (SET style) PowerShell-based generator of malicious .xls and .doc documents. All your payloads are saved into a database for easy retrieval & embedding into a new or existing document. Luckystrike provides you several infection methods designed to get your payloads to execute without tripping AV. See the "Installation" section below for instructions on getting started.
Initial Blog Post & Demonstration: https://www.shellntel.com/blog/2016/9/13/luckystrike-a-database-backed-evil-macro-generator
DerbyCon 6.0 Tool Drop Talk: https://www.youtube.com/watch?v=1Yzg1xps2kE
InstallationRequirements
- Windows 7/10 (preferably x64)
- PowerShell v5+
- Microsoft Office 2010+ installed
iex (new-object net.webclient).downloadstring('https://git.io/v7kbp')
To run, simply cd to the luckystrike directory, then .\luckystrike.ps1Uprgrading
Luckystrike will check for updates upon opening. You will be prompted to update. Any templates and payloads you have in the database are preserved.