MS Office Files

From: Romes, Randall J. (Rromes@larsonallen.com)
Date: Thu Feb 13 2003 - 17:08:49 EST


 
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

During the course of a pen test, we have been able to download some word
documents from a web server. I have determined that the author of the
documents is/was an employee of the company I am testing.

I recall a while back seeing a post somewhere about pulling credential
information from Office documents, but I can' t seem to find it now.

Does this ring a bell, and if so, can anyone point me in the right
direction?

Thanks
Randy Romes
rromes@larsonallen.com

-----BEGIN PGP SIGNATURE-----
Version: PGP 8.0

iQA/AwUBPkwXcDe9i44rosLHEQLd1ACfW4aS0PT/xDhogZl/qjZTEJxYFNQAoOth
IWXGpDaT2URQN5oCL/1aaTlb
=Kn7u
-----END PGP SIGNATURE-----

----------------------------------------------------------------------------
This list is provided by the SecurityFocus Security Intelligence Alert (SIA)
Service. For more information on SecurityFocus' SIA service which
automatically alerts you to the latest security vulnerabilities please see:
https://alerts.securityfocus.com/



This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:53:28 EDT