Don't open this word document...
In this video, I showcase how hackers make use of Microsoft Word macros to download and execute malicious payloads on your computer and gain complete access to your system.
To protect yourself from such attacks, try SquareX - an awesome, free tool that allows you to open suspicious URLs and Files in an isolated cloud instance. This way, your personal computer will be completely safe even if you open a malicious file.
Check out SqareX: http://sqrx.io/techraj
DISCLAIMER: This video is intended only for educational purposes.
The experiments in this video are performed in a controlled
lab setup and not on a live target. The content is purely
from a penetration testing perspective. I do not
condone or encourage any illegal activities.This video is intended only for educational purposes.
The experiments in this video are performed in a controlled
lab setup and not on a live target. The content is purely
from a penetration testing perspective. I do not
condone or encourage any illegal activities.
To create the malicious word document that I used in this video, I used the famous open source project called Metasploit to generate a reverse shell that is compatible on Windows 64-bit computers. The payload connects back to the mentioned IP address and port when executed.
I've then created a word document and written a simple word macro that downloads this payload from my python web server and executes it.
Now, I simply start a listener on my Metasploit console and wait for the victim to open the file the document and click "Enable Editing". When this happens, the payload is downloaded and executed on the victim's computer which gives me a connection on my msfconsole.
Thanks for watching!
SUBSCRIBE for more videos!
Join my Discord: / discord
Follow me on Instagram: / teja.techraj
Website: https://techraj156.com
Blog: https://blog.techraj156.com
![[FREE] Pop Punk Type Beat](https://images.videosashka.com/watch/WBrUoj0FKkE)
