Wednesday, 14 November 2018

FakeImageExploiter - Use a Fake Image to Exploit Target

This module takes one existing image.jpg and one payload.ps1 (input by user) and builds a new payload (agent.jpg.exe) that if executed it... thumbnail 1 summary
This module takes one existing image.jpg and one payload.ps1 (input by user) and builds a new payload (agent.jpg.exe) that if executed it will trigger the download of the 2 previous files stored into apache2 (image.jpg + payload.ps1) and execute them.

This module also changes the agent.exe Icon to match one file.jpg Then uses the spoof 'Hide extensions for known file types' method to hidde the agent.exe extension.
All payloads (user input) will be downloaded from our apache2 webserver and executed into target RAM. The only extension (payload input by user) that requires to write payload to disk are .exe binaries.

Download/Install/Config

1º - Download framework from github 
 git clone https://github.com/r00t-3xp10it/FakeImageExploiter.git 
2 - Set files execution permitions 
 cd FakeImageExploiter  
sudo chmod +x *.sh 
 3º - Config FakeImageExploiter settings nano settings 
 4º - Run main tool 
 sudo ./FakeImageExploiter.sh

Video tutorials:

FakeImageExploiter [ Official release - Main funtions ]: https://www.youtube.com/watch?v=4dEYIO-xBHU

FakeImageExploiter [ the noob friendly funtion ]: https://www.youtube.com/watch?v=abhIp-SG4kM

FakeImageExploiter [ bat payload - worddoc.docx agent ]: https://www.youtube.com/watch?v=Ah4hejGhj-M

FakeImageExploiter [ txt payload - msfdb rebuild ]: https://www.youtube.com/watch?v=g2E73GyxKhw

No comments

Post a Comment