FakeImageExploiter stores all records in apache2 webroot, zips (.zip) the specialist, begins apache2 and metasploit services(handler), and gives a URL to send to target (triggers agent.zip download). When the casualty runs our executable, our photo will be downloaded and opened in the default picture watcher, our malicious payload will be executed, and we will get a meterpreter session.
However, it additionally stores the operator (not ziped) into Fake ImageExploiter/output folder in the event that we wish to convey agent.jpg.exe utilizing another different attack vector.
‘This device likewise builds a cleaner.rc file to erase payloads left in target‘
Also Read WinPirate : Automated Sticky Keys Hack From A Bootable USB
Description
This module takes one existing image.jpg and one payload.ps1 (input by user) and build another payload (agent.jpg.exe) that if executed it will trigger the download of the 2 past files put away into apache2 (image.jpg + payload.ps1) and execute them.
This module additionally changes the agent.exe Icon to coordinate one file.jpg Then uses the satire ‘Shroud extensions for known record types’ strategy to hide the agent.exe expansion.
All payloads (client input) will be downloaded from our apache2 webserver what’s more, executed into target RAM. The main extension (payload contribution by user) that requires to compose payload to plate are .exe doubles.
FakeImageExploiter v1.3 – backdoor images.jpg[.ps1]
CodeName: Metamorphosis
Version release: v1.3 (Stable)
Author: pedro ubuntu [ r00t-3xp10it ]
Distros Supported : Linux Ubuntu, Kali, Mint, Parrot OS
Suspicious-Shell-Activity (SSA) RedTeam develop @2017Payloads accepted (user input):
payload.ps1 (default) | payload.bat | payload.txt | payload.exe [Metasploit]
"Edit 'settings' file before runing tool to use other extensions"
Pictures accepted (user input):
All pictures with .jpg (default) | .jpeg | .png extensions (all sizes)
"Edit 'settings' file before runing tool to use other extensions"
Dependencies/Limitations:
xterm, zenity, apache2, mingw32[64], ResourceHacker(wine)
'Auto-Installs ResourceHacker.exe under ../.wine/Program Files/.. directorys'
WARNING: To change icon manually (resource hacker bypass) edit 'settings' file.
WARNING: Only under windows systems the 2º extension will be hidden (so zip it)
WARNING: The agent.jpg.exe requires the inputed files to be in apache2 (local lan hack)
WARNING: The agent.jpg.exe uses the powershell interpreter (does not work againts wine).
WARNING: This tool will not accept payload (user input) arguments (eg nc.exe -lvp 127.0.0.1 555)
WARNING: The ResourceHacker provided by this tool requires WINE to be set to windows 7
Download/Install/Config:
1º - Download framework from github
git clone https://github.com/r00t-3xp10it/FakeImageExploiter.git
2º - Set files execution permitions
cd FakeImageExploiter
sudo chmod +x *.sh
3º - Config FakeImageExploiter settings
nano settings
4º - Run main tool
sudo ./FakeImageExploiter.shFramework Banner
Settings file
Agent(s) in windows systems
Video tutorials
FakeImageExploiter [ Official release – Main funtions ]
https://www.youtube.com/watch?v=4dEYIO-xBHU
FakeImageExploiter [ the noob friendly funtion ]
https://www.youtube.com/watch?v=abhIp-SG4kM
FakeImageExploiter [ bat payload – worddoc.docx agent ]
https://www.youtube.com/watch?v=Ah4hejGhj-M
FakeImageExploiter [ txt payload – msfdb rebuild ]
https://www.youtube.com/watch?v=g2E73GyxKhw
