Hide Payload in MS Office Document Properties

Carrie Roberts*

Can you think of a reason why you might want to put a lengthy comment into the properties of an MS Office document?

If you can, then you might like this PowerShell script that will put a comment of any length into this field for you. Microsoft limits the length of comments that can be inserted when using the application (e.g. Word, Excel, PowerPoint), but this script gets you past that limitation. The animation below shows the script in action.

The script also includes a “Sanitize” option that will clear out the values for the “Author” and “Last Modified By” document properties, in case you don’t want to share that information. Or you can use additional command line parameters to set specific values as shown in the demo.

To read the comment value out using a Macro, use this for MS Word:

Dim prop As DocumentProperty
' Walk the built-in properties and display the Comments value
For Each prop In ActiveDocument.BuiltInDocumentProperties
    If prop.Name = "Comments" Then
        MsgBox prop.Value
    End If
Next

Or for MS Excel, just change ActiveDocument to ActiveWorkbook:

Dim prop As DocumentProperty
' Same loop, reading from the active workbook
For Each prop In ActiveWorkbook.BuiltinDocumentProperties
    If prop.Name = "Comments" Then
        MsgBox prop.Value
    End If
Next

And for PowerPoint? You guessed it:

Dim prop As DocumentProperty
' Same loop, reading from the active presentation
For Each prop In ActivePresentation.BuiltInDocumentProperties
    If prop.Name = "Comments" Then
        MsgBox prop.Value
    End If
Next

Maybe you would like to enter your comment as a base64 encoded string and decode it within the macro. This VBScript code will do the trick.
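From the defender's side, the Comments property of a .docx, .xlsx or .pptx file is stored as the `dc:description` element of `docProps/core.xml` inside the zip package, so it can be checked without opening Office. The following is an added example, not part of the original post or the author's script; the `MAX_LEN` threshold, the function names and the sample files it builds are assumptions made for illustration.

```python
import base64
import binascii
import io
import re
import zipfile
import xml.etree.ElementTree as ET
from xml.sax.saxutils import escape

NS = {
    "cp": "http://schemas.openxmlformats.org/package/2006/metadata/core-properties",
    "dc": "http://purl.org/dc/elements/1.1/",
}
MAX_LEN = 255  # assumed triage threshold, tune for your environment
B64_RE = re.compile(r"[A-Za-z0-9+/]+={0,2}")

def inspect_properties(data: bytes, max_len: int = MAX_LEN) -> dict:
    """Return Comments/Author findings for an OOXML file given as bytes."""
    with zipfile.ZipFile(io.BytesIO(data)) as zf:
        root = ET.fromstring(zf.read("docProps/core.xml"))
    def text(tag: str) -> str:
        return (root.findtext(tag, default="", namespaces=NS) or "").strip()
    comments = text("dc:description")  # shown as "Comments" in Office
    findings = []
    if len(comments) > max_len:
        findings.append("oversized-comments")
    compact = re.sub(r"[\r\n]", "", comments)  # tolerate wrapped base64
    if len(compact) >= 24 and B64_RE.fullmatch(compact):
        try:
            base64.b64decode(compact, validate=True)
        except binascii.Error:
            pass
        else:
            findings.append("base64-comments")
    if not text("dc:creator") and not text("cp:lastModifiedBy"):
        findings.append("blank-author-fields")  # consistent with a sanitized file
    return {"comment_length": len(comments), "findings": findings}

def build_sample(comments: str, creator: str = "", modified_by: str = "") -> bytes:
    """Constructed test input: a zip holding only docProps/core.xml."""
    core = (
        f'<cp:coreProperties xmlns:cp="{NS["cp"]}" xmlns:dc="{NS["dc"]}">'
        f"<dc:creator>{escape(creator)}</dc:creator>"
        f"<dc:description>{escape(comments)}</dc:description>"
        f"<cp:lastModifiedBy>{escape(modified_by)}</cp:lastModifiedBy>"
        "</cp:coreProperties>")
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("docProps/core.xml", core)
    return buf.getvalue()
```

This covers the OOXML formats only; legacy binary .doc, .xls and .ppt files are not zip archives. When scanning untrusted files, parse the XML with defusedxml rather than the standard library parser.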

I hope that this has been a helpful post and you find the script useful. Until next time . . .

_______

*Carrie was previously a BHIS tester until she transferred to another great company. But we’re super happy to have her many awesome, informative guest posts!


