No video
Hackers can now HACK you with just a Word Document! | Zero-Day Exploit!
Рет қаралды 101,706
Күн бұрынCreate your own native application from your website in minutes with AppMySite (no coding required): www.appmysite....
This is the recently discovered Follina exploit which is assigned as CVE-2022-30190. It allows the hacker to get a Remote Code Execution (RCE) on your computer. In-order to trigger this exploit, the user need not even open the maldoc, he/she just needs to preview it!
The vulnerability lies in the MS-MSDT URL protocol - Windows blindly executes code when this protocol is used along with some parameters and a powershell expression.
DISCLAIMER
This video is made only for educational purposes and to bring awareness in viewers about this zero day exploit, and it contains instructions on how to protect yourself from it. So take it the right away, do not use it on anyone without their consent. This is a serious thing.
Check out John Hammond's video for a more in-depth explanation about this exploit: • Exploiting MSDT 0-Day ...
A workaround for this vulnerability is to disable MSDT URL protocol on your computer. In-order to do that:
1. Open cmd as administrator
2. Backup your registry key with the command: reg export HKEY_CLASSES_ROOT\ms-msdt filename
3. Disable MSDT: reg delete HKEY_CLASSES_ROOT\ms-msdt /f
This should make you invulnerable to this exploit until the patch releases.
Stay safe guys!
Thanks for watching!
SUBSCRIBE for more videos!
Join my Discord: / discord
Follow me on Instagram: / teja.techraj
Website: techraj156.com
Blog: blog.techraj15...
#zeroday
@TechRaj156 2 жыл бұрын
Check out my FREE course on SQL Injection for Beginners, you also get a completion certificate: bit.ly/3MTMQ2Q
@Nxyy 2 жыл бұрын
ur a lier u opened the file
@_JohnHammond 2 жыл бұрын
Thanks so much for the shout-out, and especially thanks for showcasing the PoC! 🥰
@karthiksharath5622 2 жыл бұрын
You're an inspiration to all of us John! Thanks for all the effort!
@Riborwahz 2 жыл бұрын
John Hammond u had me as your subscriber thanks for the video with David Bombal
@smarterthinks 2 жыл бұрын
hey can anyone send me that file to me plsssss
@FNAFIGNITEDFREDDYCLUB 2 жыл бұрын
Sure
@hanneshultgren6198 2 жыл бұрын
And Thank you for share to us about this hack! hour unix father.
@gatorrade1680 2 жыл бұрын
For anyone who is wondering: You can undo the workaround with this command "reg import backupregistry" Great video as allways, Raj 😎
@TheMessanger 2 жыл бұрын
Yeah bankruptcy filing will be needed when they take everything
@codeJamalonRH 2 жыл бұрын
@@TheMessanger 😭😭
@TheMessanger 2 жыл бұрын
@@codeJamalonRH don't worry if is not the hacker is your wife or family 😭
@codeJamalonRH 2 жыл бұрын
@@TheMessanger 😂😂😂
@lancemadrazo 2 жыл бұрын
Your channel is too underrated, you'd make the next Jim Browning. Hell, your almost just as good as him
@adisonmasih 2 жыл бұрын
Damn. Never Thought About RTF & Preview Pane! Thanks A Lot For Keeping Us Updated.
@harshjain8345 2 жыл бұрын
Loving the consistency and the content as well! Keep them coming! Also.. seems like your shadow ban is removed since one of your videos got good amount of views within 2 weeks of uploading !
@thembekileblessmore 2 жыл бұрын
Ok, now I can hack my professors and give myself higher grades.
@shivjain 2 жыл бұрын
Thanks!
@psylingames8371 Жыл бұрын
He’s so smart and knowledgeable. You earned a subscription!
@vladislavkaras491 11 ай бұрын
Impressive! Thanks for the video!
@_GhostMiner 2 жыл бұрын
0:20 does this work only work when you have preview window enabled? I use details instead of preview.
@sher.5027 2 жыл бұрын
Thanks for informing with short and best explanation. I liked, shared and subscribed. :)
@techywarrior1190 2 жыл бұрын
again awesome video as always , also please make a update video on yoyr rig as market crashes
@timewalkwalker 2 жыл бұрын
So cool microsoft really need to patch this many people uses these ms apps and this is really dangerous
@xopionxopion6170 2 жыл бұрын
Thanks for alerting us.... And nice video,carry on...
@MERE8 2 жыл бұрын
Thank you! ❤
@GlobalSuccessNarratives 2 жыл бұрын
We need more content like this
@danixunboxing 2 жыл бұрын
Amazing Video bro, learned a lot from this best explanation on MSDT vulnerability. Big Love from Pakistan..
@bashdante3333 2 жыл бұрын
it will be a good idea if i try the last part of this video on work's computer?
@thembekileblessmore 2 жыл бұрын
Can you do tutorial on how to make my own Follina?
@xiaoshou6752 2 жыл бұрын
What exactly does disabling that protocol change to your computer? Will it impact its behaviour in some noticable way?
@OkSear Жыл бұрын
same thing I want to know
@newuser4229 2 жыл бұрын
But how can I create this?
@shaunzhang733 2 жыл бұрын
Does this vulnerability affect users who use WPS office, Libreoffice and Softmaker Freeoffice? I use WPS office, by the way.
@nitishg29 2 жыл бұрын
Make some videos on learning about hacking
@youcefabed7880 Жыл бұрын
bonjour j'ai besoin de votre aide monsieur
@jacskyline 2 жыл бұрын
Thanks for the video. I have a question. The direct execution on preview mode on Windows Explorer only occurs on rtf formats?
@TechRaj156 2 жыл бұрын
yes
@sujeetkumarsinghmath 2 жыл бұрын
101 reasons to use linux
@changeurlife89 2 жыл бұрын
Where I get that word file please tell me
@osissmpktmc 2 жыл бұрын
Probably not allowed to get that, because of another purposes
@changeurlife89 2 жыл бұрын
Ok.. but i need to test..
@dontreadthis888 2 жыл бұрын
Even if you got it, its useless for you, because you cannot get the reverse shell as it is controlled by the one who made this file
@hashimkhan3276 Жыл бұрын
Hello bro my friend hack my mobile i did not know I just click on link and they hack my all mobile and get picture of me live and also take my network cameras how I recover it I did not know something about hacking pleaze help me pleazeeeee he hack on kali linux😔😔😔😔
@hashimkhan3276 Жыл бұрын
Pleazeee brooo
@codedaily365 2 жыл бұрын
Ik this!! THIS IS REALLY MESSED UP!!! i saw this on Network chucks recent video! Hope this exploit gets fixed soon. Btw i love ur videos! YOUR OLD SUBSCRIBER! lol
@leophysics 2 жыл бұрын
Is that macro vunrability . Is it work if macro is off?
@deepitprajapati5261 Жыл бұрын
Can you post a video to setup our own FTP server
@xsycl 17 күн бұрын
"i wont open it" proceeds to double click the file
@BiteYt69 2 жыл бұрын
Thanks brother for the video
@press3626 7 ай бұрын
this is so old lol, macro xlsm was a good time (=
@ItzFallen 2 жыл бұрын
You earned a sub!
@vinusuhas4978 2 жыл бұрын
what happened if u open through google docs itself?
@techtechtech1264 2 жыл бұрын
Please which android rat is the best Techraj?
@justinedawnz 5 ай бұрын
Wow our computers can be hacked through word documents
@thamimtommy7106 2 жыл бұрын
Hacker can hack your computer even though you don't have one 😂
@ytg6663 11 ай бұрын
If there was NO Patch, how poc went public 🤣🤣🤣
@user-qr8ty6ul9i Жыл бұрын
It doesn't work as you showed. windows bit defender can't let it enter.
@LShortcuts 2 жыл бұрын
Already installed the patch
@mega_micro 2 жыл бұрын
Is it possible on Win10?
@mrva4477 2 жыл бұрын
you dropped this👑👑
@4nkitpatel 2 жыл бұрын
Is it solved today or we just have patch for it ?
@bingo8920 2 жыл бұрын
you should work in Microsoft, you're really smart, thnx
@dontreadthis888 2 жыл бұрын
Every cyber security person goes through this everyday, Its no big deal
@piotrek4259 2 жыл бұрын
Next: Hackers can now HACK you with just a KZfaq Video!
@gallium-gonzollium 2 жыл бұрын
Windows Sandbox: *I am 100 steps in front of you*
@stinkybooty1153 11 ай бұрын
did they patch this yet?
@duniamotivasi8342 2 жыл бұрын
No reverse shell anymore
@arkodeepchatterjee Жыл бұрын
how to do this?
@singularity2000 2 жыл бұрын
Really dangerous
@acsai6274 Жыл бұрын
Zero day attack is zero click attack
@rshnthms 2 жыл бұрын
What happens when we open within Google doc or outlook view
@chinesericexfarmer6067 2 жыл бұрын
Will it work even if i don't hv internet connection
@MdAbdullahAlMamun 2 жыл бұрын
wow good information thanks for shaeing
@13part 2 жыл бұрын
how can i use it pls
@laxmikantsaraswat6319 2 жыл бұрын
the network chunk🔥
@kk9870 2 жыл бұрын
❤️ I love you~ ❤️
@ividimitrova8030 2 жыл бұрын
I lov him more 😍👹
@kk9870 2 жыл бұрын
@@ividimitrova8030 KAK SMEESH PACHAVRO SKAPANA DA GORISH V ADA
@betadv 2 жыл бұрын
previewing the file opens the file :/
@JohnPaulBuce 2 жыл бұрын
never gonna click that file
@Ghost-vx4yb 2 жыл бұрын
I have grapheneos it protects me from this
@VigneshVicky-ph1yn Жыл бұрын
That's why I am using ubantu
@sudarshanprasad9615 2 жыл бұрын
Yoo, where can I get this file ???
@DeejTiuz 2 жыл бұрын
Kek, the delete string it's not working for me, it says if I want to delete it, I say yes and it gave me an error that it is does not exist xd
@ozrencupac 2 жыл бұрын
Me who uses linux: I dont have these issues anymore
@Dahlah.FightMe 2 жыл бұрын
Nice Bro :D
@pRR5FSDiqyqznJ2t1LkSez 2 жыл бұрын
now? i have been using this for long time
@JontheRippa 2 жыл бұрын
Wow Verry good 👍
@tropojagashi9802 Жыл бұрын
so your saying text docs arent even safe now damn
@hackersareherewhereareyou 2 жыл бұрын
Bro we can hack using video
@bewithme6767 2 жыл бұрын
network chuck was here
@greenculturemedia 2 жыл бұрын
From your command p. How can someone check if he is being hacked ? Or how can someone undo a hacker with command p
@giovannis.c.4518 2 жыл бұрын
maybe with some tools like wireshark you could maybe see the network traffic but I don't think there is a magic command that tells you if you are hacked, if your antivirus doesn't detect it then is kind of difficult.
@Ben_Anter Жыл бұрын
why you lying? you can clearly see you double click on the file
@realkitten7171 2 жыл бұрын
LMFAO next time don't put "without opening" into the thumbnail if in the video you clearly open the file.
@hoovyyyy 2 жыл бұрын
How to rick roll a friend
@mejnkrasz4926 2 жыл бұрын
Very good and working crack thx
@S2M-BrainBites 2 жыл бұрын
Is this working in android
@thepikachugamer 2 жыл бұрын
?
@medfaroukkhabir 2 жыл бұрын
you rickrolled us !
@sadikmahmud7787 2 жыл бұрын
That's amazing
@CodeBinge 2 жыл бұрын
You should've used @John Hammond's python script. Much easier to use(as they show it) EDIT: I only saw the part where you change the code and commented, didn't know you did later
@robertwells3797 2 жыл бұрын
You literally clicked it to open the file 😂
@fintsolutions3851 Жыл бұрын
⬆️⬆️⬆️ you are a real master of the arts.
@anha4259 2 жыл бұрын
We was already rickrolled
@capebaldy4365 2 жыл бұрын
oooh
@panic_seller 2 жыл бұрын
God knows how many zero day attacks are not reported out there. We have a virus in our company luckily Kaspersky can catch it, ofcourse I don't use company laptop with bogus antivirus🤣🤣
@xAffan 2 жыл бұрын
Use Linux
@BugbountyPOCs41 2 жыл бұрын
Amog us
@selinapena3276 2 жыл бұрын
Lol 😂
@itsankitbhusal 2 жыл бұрын
Le me using Debian 🤣
@crlfff 2 жыл бұрын
bruhhh an indian
@shakibhoshen6803 2 жыл бұрын
Nc
@0zi146 2 жыл бұрын
numero uno egg
@0zi146 2 жыл бұрын
PIN ME PLEASEEEE
@jisz2982 2 жыл бұрын
Nice
@prabhatmishra8422 2 жыл бұрын
I'm curious to know that do u follow NetworkChuck 😅
@cashappservices3954 2 жыл бұрын
Cashapp blessing
@shoobooo9224 2 жыл бұрын
word.exe lol
@notamongyou 2 жыл бұрын
It's not possible until the system is vulnerable, if you can hack me you will be rewarded 🙌🤍
@dontreadthis888 2 жыл бұрын
Every system is vulnerable, This is a new zero-day CVE-202230190 i think
@xAffan 2 жыл бұрын
@@dontreadthis888 what if you are NOT running windows?
@dontreadthis888 2 жыл бұрын
@@xAffan I was talking about windows users. But i'm not saying LINUX or MAC is safe, Every system has its own vulnerabilities maybe some linux vulnerabilities are not yet discovered
@xAffan 2 жыл бұрын
@@dontreadthis888 ik but Linux is much secure cus most servers and android run on it so big companies always check the kernel for vulnerabilities etc. But ye ur right and it's used less in desktop space so there's not much attackers so it's pretty secure
@dontreadthis888 2 жыл бұрын
@@xAffan Yeah you're right, but i'm not saying its totally safe, cuz newer vulnerabilities are found often these days
Garena Free Fire Global
Рет қаралды 10 МЛН