IT444 Network Security Administration II
Project #03 - REMOTE Version (PowerShell Empire with Macro, Character Map, and Key-logger)

Lab Report Due: October 26, 2020, 11:59pm


  1. Reading: GHH - Chapter 15: PowerShell Exploitation
  2. Follow the instructions the attached file for simulating Kali's "attack" on Win7 Project 3 - PowerShell Empire with Macro, etc..
  3. The purpose of this second lab is to let you use your VMs to simulate a an attack involving a malicious script hidden with something as (seemingly) innocent as a PowerPoint file.
  4. Write about all of this in your admin log. I want an overall description of what you are doing and also answers to specific prompts in the instructions.
  5. Discussion Questions:
    • Why do we need to use unix2dos on the file launcher.vbs before moving it to Win7
    • How is our launcher.vbs script "hidden" within the PowerPoint file?
    • Briefly explain the meaning of a "macro" in PowerPoint.
    • Briefly explain what a keylogger is and why it can be a security hazard.

Project #03 Pre-Submission Checklist :

Check  YES    NO  
Your project file has this exact title: report_03.txt
report_03.txt is located in your it444/reports directory
report_03.txt is a plain-text file:
Character encoding is ASCII or Latin-1/ISO-8859-1
Uses proper Unix-style line endings
Lines are no more than 80 characters long
All discussion questions have been answered at the end
Work has been proofread for spelling, grammar, and punctuation
Work has been formatted properly and neatly
Any works consulted have been cited.
Any direct quotations have been explicitly quoted and cited.