Microsoft Word Remote Code Execution and System Compromise

Premise

In this video, I explained how you can turn a Microsoft word file into a malicious victim hunting vehicle to compromise Windows systems.

Basically I have gone through multiple steps to accomplish this:

1- Creating a reverse TCP payload with PowerShell using msfvenom alongside with eliminating bad characters and using encoders to evade Antiviruses as much as possible.

2- Crafting a visual basic script and put it in a macro-enabled word file.

3- Integrating the shellcode from the first step into the macro-enabled word file.

4- Saving the word file with doc extension.

5- Sending the file to your testing machine

Get Blue Team Notes

Video Walk-through

Exploitation, OSCP, Penetration Testing, Powershell, Videos

Show Comments

Motasem

About the Author

I create cybersecurity notes, digital marketing notes and online courses. I also provide digital marketing consulting including but not limited to SEO, Google & Meta ads and CRM administration.

View Articles

Press ESC to close

Microsoft Word Remote Code Execution and System Compromise

Video Walk-through

Leave a Reply Cancel reply

Motasem

About the Author

Share Article:

You might also like

Open Source Intelligence Reddit Case Study | TryHackMe Advent of Cyber

Open Source Intelligence Tools & Techniques Explained With Case Studies

WordPress XXE Vulnerability | CVE-2021-29447 TryHackMe