Ushbu o'quv birligi quyidagi o'quv maqsadlarini qamrab oladi:

• Microsoft Office client-side attacks turlari haqida tushuncha hosil qilish
• Microsoft Office dasturini o'rnatish
• Microsoft Word Macros dan foydalanish

So'nggi yillarda ransomware attacks keskin oshdi.1 Ko'p hollarda, dastlabki buzilish malicious Microsoft Office macro bilan bog'liq edi. Bu keng tarqalgan attack vector hisoblanadi, chunki Office dasturi hamma joyda ishlatiladi va Office hujjatlari odatda hamkasblar o'rtasida elektron pochta orqali yuboriladi.

Ushbu o'quv birligida avval malicious Office documents ni client-side attack stsenariysida ko'rib chiqamiz. Keyin Office installation jarayonini bosqichma-bosqich o'rganamiz va nihoyat, reverse shell olish uchun embedded macros bilan malicious Word document yaratamiz.

1(Comparitech, 2022), https://www.comparitech.com/antivirus/ransomware-statistics/ ↩︎

11.2.1. Preparing the Attack

11.2.2. Installing Microsoft Office

11.2.3. Leveraging Microsoft Word Macros