Fake Image Exploiter Framework -The “Noob” Friendly Function

April 29, 2017 | Views: 3607

Begin Learning Cyber Security for FREE Now!

FREE REGISTRATIONAlready a Member Login Here

Hello everyone,

I’m SpiritedWolf as you all [may] know and I am uploading something after a long while because I was busy with this thing called “life” 🙂

Anyway, here is my video tutorial:

Today we are going to discuss one more awesome framework from the SSA team, i.e FakeImageExploiter.

—————————————-

CodeName: Metamorphosis

Version release: v1.3 (Stable)

Author: Pedro ubuntu [ r00t-3xp10it ]

Distros Supported: Linux Ubuntu, Kali, Mint, Parrot OS

Suspicious-Shell-Activity (SSA) RedTeam develop @2017

—————————————–

LEGAL DISCLAIMER

The author does not hold any responsibility for the bad use of this tool and remember that attacking targets without prior consent it’s illegal and punishable by law.

—————————————–

Framework description

This module takes one existing image.jpg and one payload.ps1 (input by user) and builds a new payload (agent.jpg.exe) that if executed it will trigger the download of the 2 previous files stored into apache2 (image.jpg + payload.ps1) and execute them.

 

This module also changes the agent.exe Icon to match one file.jpg Then uses the spoof ‘Hide extensions for known file types’ method to hidde the agent.exe extension.

All payloads (user input) will be downloaded from our apache2 webserver and executed into target RAM. The only extension (payload input by user) that requires to write payload to disk are .exe binaries.

—————————————–

Today we will check “The Noob Friendly Function”.

Follow me!  https://crackingforums.net/member.php?action=register&referrer=45

If you liked this tutorial then please subscribe, Like, Comment and share to my channel. Also, you can join me on cracking forums! The link is above.

———————————————————————————————————-

This tutorial is for education purpose only. I’ll not be responsible for any harm.

————————————————————————————————————

Please Subscribe My Channel If you like it: www.youtube.com/c/Pentestingwithspirit

Please Like My Facebook Page: www.facebook.com/Pentestingwithspirit

Follow me on Twitter: @spirit3113

Thanks!

Share with Friends
FacebookTwitterLinkedInEmail
Use Cybytes and
Tip the Author!
Join
Share with Friends
FacebookTwitterLinkedInEmail
Ready to share your knowledge and expertise?
Comment on This

You must be logged in to post a comment.

Our Revolution

We believe Cyber Security training should be free, for everyone, FOREVER. Everyone, everywhere, deserves the OPPORTUNITY to learn, begin and grow a career in this fascinating field. Therefore, Cybrary is a free community where people, companies and training come together to give everyone the ability to collaborate in an open source way that is revolutionizing the cyber security educational experience.

Support Cybrary

Donate Here to Get This Month's Donor Badge

 

We recommend always using caution when following any link

Are you sure you want to continue?

Continue
Cancel