I have just written a new script to injects meterpreter shell to excel file.
This will speed up the pentesting process to embed malicious VBA scripts in excel files.
For this script to work, you will need windows, microsoft excel, perl and perl module Win32:OLE
To install perl module Win32:OLE (take note that its case sensitive)
cpan> install Win32:OLE
You can find my project at http://code.google.com/p/xlsinjector/
To run the script, simple type
[If you want it to download an excel file from the web]
C:\ perl xlsinjector.pl -u http://website/excel.xls -o 1234.xls
[If you want it to use a local excel file. Put the excel file in the same folder as the script]
C:\ perl xlsinjector.pl -i excel.xls -o 1234.xls
The -o argument is optional.
You can also view my demonstration video at securitytube.net