How to get Reverse Shell from Word Documents

Hey Guys, what's up! I think you all are well and fine. So finally I thought to post my first ever blog for which I was * waiting * for a very long time. But finally, we are here and we are going to do it all together.

So let's Start this Blog without wasting any further time. You might have got an idea of what we are going to talk about in Today's Blog. I think :)  Yes.

We will be talking about How we can do the task of Getting Back * Reverse Shell * when we open up the Word Document. But, before we get into its setup, let me warn you that the knowledge you get must never be used to inflict harm to an individual or an organization, and if that happens, we (thedecentshub) will not be held liable.

Lab Environment Configuration -

We will be using up the Kali Linux Machine to receive up the connection and a Windows Virtual Machine as sender. 

Pre-requisites required for the Task -

* Setting up the * Ngrok Server * for Port Forwarding.

You can refer to my YouTube video if you want to know how to set up with the Ngrok Server.

Video Link - Setup The Ngrok Server

* Using * Ncat Tool * to build up the * TCP Connection * between two computers.

* Use the Microsoft Word(make sure you use the same because we would be dealing up with Macros)

So let's do it. Are You Ready.......................

Step 1- Use Ngrok Server(or any other service) you would like to have your port forwarded.

I already told you how to set up with Ngrok (provided you with a video link above). If you already know so, then you can move ahead with the port-forwarding part.

You need to type the command - ./ngrok tcp (for e.g) 1234 

As I told you we will be forwarding our TCP Port since we want to build TCP Connection between two different PCs.

  

It will forward your Port something like this and will provide a public identity to your private domain.

Step 2 -  Generate the PowerShell payload required.

For generating up the payload we need to work with two python files. The first file will take the public IP and Port provided by Ngrok and will generate the payload. The second file will turn the payload in the format to be fed as  Macro in a Word Document.

Both the python files are provided up in the form of a Git Repository for which the link is -

GitHub Repo

The first python file named * newpayloadgeneration.py * will be used to generate the raw Power Shell Payload.

The Second file named * payload.py * will be used to generate the payload to be fed as a Word Macro. 

While editing up the payload.py we need to put the above-generated payload in the variable named 

* str *.

After providing the payload and proper editing, run the payload.py file and it will provide with the payload to be fed in the Word as a Macro.

Now, we are almost set and we will move now to STEP3.

STEP3 - Moving inside Microsoft Word. Time to play with 

* Macros *.....

Inside Word Document, first we need to enable Developer options, so that we can work with Macros.

You can enable Developer options by following the given path.

File -> Options -> Customize Ribbon -> Enable Developer Options in the Right Pane.

Now click on Macros, then on Create Macro after providing a name - AutoOpen to it.

After that make the editing as given -

Now, save up the file successfully. And before opening the Document use the Ncat tool to open up a listener where you will be provided up with the reverse shell.

Use command - ncat -nvlp 1234(port must be the same as provided in the Ngrok).

If an error comes like that is not installed install it using

In Kali - *sudo apt install ncat * 

Now you will notice as soon as you open the Document, you get the reverse shell to the Windows PC on which you opened up the Document.

To verify it you can create up a directory in the PC using reverse shell and verify it on your 

* Target Machine *

I have also created up a video on the same topic. If u have any doubts related to the Blog, u can also refer to the below provided YouTube video link -

.

Do you want to find out how to utilize and interact with ChatGPT, the AI language model? Click below ---

Mastering ChatGPT: From Beginner to Advanced

The online course will teach you everything you need to know. This course covers everything, whether you're a beginner or an advanced user, including ChatGPT's capabilities and potential applications in numerous domains. With this practical knowledge and abilities, you can use ChatGPT's capability to achieve your objectives more effectively. And, with a 33% discount, there's no better time than now to enroll. Don't miss this opportunity – enroll in Mastering ChatGPT: From Beginner to Advanced today and begin your journey towards becoming a ChatGPT expert!

My other posts -

https://www.thedecentshub.tech/2021/09/bug-bounty-series-subdomain-enumeration.html

https://www.thedecentshub.tech/2021/09/creating-deepfakes-first-order-motion-model-for-image-animation.html

https://www.thedecentshub.tech/2021/08/why-hacking-is-always-seen-from.html

https://www.thedecentshub.tech/2021/08/osintgram-perform-osint-on-instagram.html

https://www.thedecentshub.tech/2021/08/retrieve-user-information-using.html

https://www.thedecentshub.tech/2021/08/reverse-shell-using-excel.html

https://www.thedecentshub.tech/2021/08/reverse-shell-from-word-documents.html

So Guys, this much for this blog, if you like the content you can follow me up, can also subscribe to my YouTube channel. If you Guys want that I keepbringing this sort of Bogs and videos for you, you can show your support to me ...

Buy me a Coffee and show your Support 😊 ----- PayPal ID - https://www.paypal.me/agthecoder UPI ID- apoorvgupta@kotak

Till Next Blog Guys, *TaTa*, Goodbye. I hope you enjoyed the Blog 😊