How hackers hack with an image Trojan?!

Video Statistics and Information

Captions
I'm going to teach you today how you can create a simple image file, send it over to the user, and after that you gain full control of the entire PC. And with that image you can even send it to Mr. Hackerloi, and what it can do for you is that it can help you investigate your IP address, your email, your password, every information about you, and I will hack you for free.

And now before we go any further, kids, remember: hacking is illegal. If you get caught hacking, do not tell them you know who is Mr. Hackerloi. If you want to hack, you must hack only the devices that you own. And yes, this video is strictly for educational purposes only. And if I was to send you any file, just go ahead and open it up. I promise you nothing will happen. I mean, just look at this image, it's so innocent. What can Mr. Hackerloi do to you? I will just help you check what is your email and password and date of birth and all the information about you. I'm just doing it for free for you, okay? Just kidding.

There will only be three steps for today's session. Step one is you need a photo of someone who is very good-looking, like Mr. Hackerloi. Step two is you need to now write code, which is going to be written in, say, PowerShell script, or at the same time you can also write in a batch file script. Step three is where we are now going to be able to convert this script that you have written into an exe format that allows us to embed the icon of the image that we've selected earlier into the exe file, disguising it as an image. Well, this sounds pretty straightforward, isn't it?

So as you can see here, I have already downloaded the file. Next up, what we need to do is to go ahead and create a new file. Do a right click, New, and go ahead and select, say, Text Document. So whatever the case is, we'll be renaming it. So in this case I'm going to call it hackerloi.ps1, which is the PowerShell script extension. Hit enter on that, and once you hit enter on that you will get a popup that says the following: Rename. All right, so we're changing the file name extension. Click Yes, done. And what we'll be doing now is do a right click onto the file, click on Edit. All right, so once you click on Edit you can see over here we have Windows PowerShell ISE.

I have already written the code for you and you just have to follow this, it's pretty straightforward. So what we're doing now is we're downloading a specific file called netcat, so this will give us the ability to gain remote control of the computer. And with that, what we're doing here now is to go over into the system environment folder of Desktop, so wherever the user is going to be opening the file from, we can go into the desktop and be able to launch this executable. Next up we have the file path, and of course finally we are joining the file name as well as the path. Next up, what we're doing now is to target the image file of Mr. Handsome Loi, so we're able to download that file and again, same thing, save it over into, say, Desktop. After which, what we're doing here now is we're invoking the URI that we're targeting, all right, and then we're going to hide that file. All right, same thing for item or object number two. And then after that, what we do now is we have a special parameter that launches netcat silently in the background, connecting over to the hacker's IP address, which then gives us that reverse shell. And you can see right towards the end we're executing all of this together, along with opening the image while hiding everything else.

And right here we are on our favorite ethical hacking operating system, Kali Linux, and all we've got to do right now is go ahead and enter nc -nlvp 4444 to start our listener, so that when a user opens up the image this gives us access to the computer. So going back over to the PowerShell script, we want to make sure that the script is working first before we convert it into an executable. So what we can do now is go ahead and click on Run. "The script you're about to run will be saved", click OK. And now what we do is we head back over to Kali Linux and you can see right here we now have access, we now have a remote connection to the computer. I can, say, enter "who are you". Oh, I'm just kidding, there's no such command, but I can enter, say, whoami. I am PC young. All right, so this is Hackerloi, and of course at the same time we have the handsome image popping up right here.

So what we need to do now is to convert the PowerShell script over into an executable. So in this case we have the source file, so let's go ahead and select the source file. So I can do a right click on the source file, click on Properties, and over here, all right, we have the details and we can see that it is in C:\Users\young\Desktop. So go ahead and click on OK, and now what we can do is go ahead and enter the following for source file: C:\Users\young\Desktop\hackerloi.ps1. All right, so target file is going to be C:\Users\young\Desktop\ and of course we have got the icon file. So what I have here now is the file, and all we've got to do is go ahead and click convert into the ICO format and we'll be able to download the file. So let's go ahead and download that onto our desktop so that we can use it as an icon. So you can see here we have the ICO file, and of course we now have highlighted the icon file, all right, and we have the version, product name and so on, so forth, suppress output, suppress error output. So once you're ready, go ahead and click Compile, and you can see right here a popup. All right, the popup says the following: okay, we're compiling the file and the output file has now been written. All right, go ahead and press enter to leave. Done.

We now have the file, so you can see right here the file has been created. So we can send this file over to anyone, and once they execute the file, that's it, it's game over. Now before we do that we need to rename this file, so do a right click on this, click Rename, and we're going to change the following, so we're going to enter .jpg, all right, .exe. Done.

On most computers, if you go to File Explorer and click on View, there are a couple of things that are missing. First is that they do not have the file name extensions being opened up, and number two, they are hiding all these different items. As long as the attribute is hidden you will be able to hide that file, hide that folder, and this is the default setting. Now as you can see here we have downloaded the file, and the file can come from an email attachment, it can come from a social media message, it can come from many different places, and what's going to happen now is if you double click on it, it's game over.

We'll go back over to Kali Linux and start up a listener, so let's go ahead and enter nc -nlvp 4444, hit enter, and that's it, so we're listening. Our attacker machine is waiting for the connection to come in. Now in three, two, one, I hit enter on that, boom, we have opened the image. Now if I go back over to Kali Linux you can see right here we are in, we now have full control of the entire computer. Yes, it is game over. I can, say for example, disturb the user by entering, say, notepad, enter on that, and if I head back over to the user's computer you can see Notepad has now been opened up, because we have remote control of the PC.

Now let's go ahead and see what are the indicators that this is a bad file. So go back to File Explorer, click on View, select File name extensions, go back to View again and select Hidden items. So now when we close this we can see a couple of things here. You can see there are two files that have been created in the current directory or folder, and at the same time, if you look over at the file here, with hacker.jpg.exe, if you right click on the taskbar, click on Task Manager, you can see right here there's something interesting going on with nc.exe running, and this is particularly unusual. So all we've got to do right now is go ahead and right click on nc.exe, click End task, and if I head back over to Kali Linux you can see right here, if I hit enter on this, now we have lost the connection. We no longer have access to the computer, so we can no longer remotely control and see what the user is doing.
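The indicators walked through at the end of the captions (a picture extension followed by .exe, files with the Hidden attribute, and a dropped nc.exe) can be checked for a whole folder at once. The script below is an added example, not code shown in the video; the extension lists, the `holiday.jpg.exe` style test names and the function names are assumptions made for illustration.

```python
import os

# Constructed lists for this example; extend them to match local policy.
EXECUTABLE = {"exe", "scr", "com", "bat", "cmd", "pif", "ps1", "vbs"}
DECOY = {"jpg", "jpeg", "png", "gif", "bmp", "pdf", "doc", "docx", "txt"}
DROPPED_TOOLS = {"nc.exe"}       # the helper binary named in the captions
FILE_ATTRIBUTE_HIDDEN = 0x2      # Windows "Hidden" attribute bit


def is_masquerading(name):
    """True when a decoy extension sits directly before an executable one."""
    parts = [p.strip() for p in name.lower().split(".")]
    return len(parts) >= 3 and parts[-1] in EXECUTABLE and parts[-2] in DECOY


def is_hidden(path):
    """Check the Hidden attribute; st_file_attributes exists only on Windows."""
    attrs = getattr(os.stat(path), "st_file_attributes", 0)
    return bool(attrs & FILE_ATTRIBUTE_HIDDEN)


def scan_folder(folder):
    """Return {file name: [reasons]} for each suspicious file in one folder."""
    findings = {}
    for entry in os.scandir(folder):
        if not entry.is_file():
            continue
        reasons = []
        if is_masquerading(entry.name):
            reasons.append("double extension")
        if entry.name.lower() in DROPPED_TOOLS:
            reasons.append("known remote-access tool name")
        if is_hidden(entry.path):
            reasons.append("hidden attribute set")
        if reasons:
            findings[entry.name] = reasons
    return findings


if __name__ == "__main__":
    # Assumed location: the current user's Desktop, as in the captions.
    desktop = os.path.join(os.path.expanduser("~"), "Desktop")
    if os.path.isdir(desktop):
        for name, reasons in sorted(scan_folder(desktop).items()):
            print(f"{name}: {', '.join(reasons)}")
```

The hidden-attribute check only reports on Windows; on other systems it returns False and the name-based checks still apply.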
Info
Channel: Loi Liang Yang
Views: 107,281
Keywords: hacker, hacking, cracker, cracking, kali linux, kali, metasploit, ethical hacking, ethical hacker, penetration testing, penetration tester, owasp
Id: DA0yaqzK4ZY
Length: 7min 39sec (459 seconds)
Published: Wed Jan 31 2024