44CON 2014 - Advanced Excel Hacking, Didier Stevens
4 likes1,983 views
The document outlines an advanced Excel hacking workshop by Didier Stevens, focusing on using VBA for programming in Excel, covering features such as 64-bit support introduced with VBA7 and demonstrations through exercises like creating message boxes and utilizing API functions. It also discusses the transition from 32-bit to 64-bit applications and provides methods for coding in both environments while offering resources for further learning and discounts on related workshop materials. The document includes links for downloading materials and acquiring workshop videos.
44CON 2014 - Advanced Excel Hacking, Didier Stevens
- 1. Advanced Excel Hacking Workshop Didier Stevens http://.DidierStevens.com/excel.zip
- 2. No Exploits Just Features
- 3. Unzip excel.zip to c:excel Password: Workshop
- 4. VBA (Visual Basic for Applications) is a complete Windows programming language
- 5. VBS (Visual Basic Script) is NOT a complete Windows programming language
- 6. VBA has access to the Windows API
- 7. VBA: MS Office (Word, Excel Powerpoint, …), AutoCAD, ...
- 8. Excel: what I prefer as a User Interface
- 11. Exercise 1: “Hello World” message box with VBA
- 12. VBA7 Introduced with Office 2010 Support for 64-bit
- 13. 32-bit Excel or 64-bit Excel?
- 14. Excel 2007 or earlier: 32-bit
- 15. Excel 2010 or 2013: Check File/Help
- 17. 3 new VBA7 keywords: PtrSafe LongLong LongPtr
- 18. 2 new VBA7 compilation constants VBA7 Win64
- 19. I use Win64 If Win64 is defined, I know that I'm using VBA7 on a 64-bit application Thus I use the new keywords (PtrSafe, LongLong, LongPtr)
- 20. If Win64 is not defined, I know that I am on 32-bit application. And then I DO NOT use the new keywords.
- 21. Exercise 2: “Hello World” message box with API 32-bit, 64-bit & both
- 22. API functions: not only basic types as arguments, but also structures
- 23. Private Declare PtrSafe Sub GetSystemTime Lib "kernel32.dll" (st As SYSTEMTIME)
- 24. Private Type SYSTEMTIME wYear As Integer wMonth As Integer wDayOfWeek As Integer wDay As Integer wHour As Integer wMinute As Integer wSecond As Integer wMilliseconds As Integer End Type
- 25. Exercise 3: GetSystemTime 32-bit, 64-bit & both
- 27. NetworkMashup-32
- 29. Problem: writing a lot of VBA code
- 30. Datapipe
- 31. Modify C source code datapipe datapipe.exe → datapipe.dll
- 34. DLL to shellcode CreateMemoryModuleShellCode.py datapipe-dll. dll datapipe-dll.dll.bin
- 35. Shellcode to VBA shellcode2vba.py datapipe-dll.dll.bin datapipe-dll. dll.bin.base64.vba
- 36. ReactOS cmd and regedit
- 40. Putty
- 41. 20% discount sale for Brucon: PDF Analysis workshop videos on CD: €20 White Hat Shellcode workshop videos on CD: €20 x64 workshop videos on CD: €20 All videos on CD: €50 http://DidierStevensLabs.com