Hackers Are Waiting For You to Open This Image
- Published 5 Jun 2024
- This video will show you how hackers can control your device using a trojan via Discord!
------------------------------------------------------------------------------------
Maythom personal YouTube channel: / @maythom
Patreon: / maythom
Instagram: / mayth0m
Twitter: / mayth0m
zSecurity Company - zsecurity.com/
Community - zsecurity.org/
zSecurity social media:
Facebook - / zsecurity-145325078145...
Twitter - / _zsecurity_
Instagram - / zsecurity_org
Linkedin - / zsecurity-org
TikTok - / zsecurity_org
-------------------------------------------------------------------------------------
Resources:
Icon convert website: icoconvert.com/
Github Tool: moom825/Discord-RAT-2.0
WinRar: www.win-rar.com/download.html
------------------------------------------------------------------------------------
Timestamps:
0:00 - Intro
00:45 - Thanks to Linode!
01:33 - Installing the tool
02:35 - Clarification
03:29 - Creating a Discord Bot
04:32 - Creating a Discord Server
05:28 - Building the backdoor
07:55 - Building the trojan
10:50 - Trojan in Action!
13:56 - Securing Yourself from this
15:06 - Thank you!
-------------------------------------------------------------------------------------
⚠️ Please be advised that this video is made for educational security purposes only. Also note that you shouldn't test on devices that you don't have permissions to test. We always have the permissions granted to test the accounts/devices used on this channel.
I hereby affirm that the devices employed in this video are under my exclusive ownership, and the primary purpose of this content is strictly educational. It is of great importance to emphasize that this video does not, in any way, endorse or encourage any unethical activities.⚠️
The LEGENDARY line "For educational purposes only"....💀😎🥃
and we use it to spy unknown by saying educational purposes only 💀💀
@rakiburshuvo09 of course they will tell you to the main purposes, but we must agree that is really cool.
Very legendary
How to negate all liability
People who did not hear the epik line: "oh yeahhhh baby it's hecking time"
I was scanning the image files with my antivirus and my friend was laughing, now I am gonna send him that video :D
only jpg can hold data. not other extension.
I'm afraid it won't detect it anyway. Until you double click it is a compressed file.
just turn on show file extensions
When they say "educational purposes only" you know they ain't gon bs around 💯🔥
How to identify: if you don't have file extensions enabled, do not open ones that appear with an extension, also scrs and com files are basically executable but com is old.
The file type would be shown as Application
This is cool but nobody would actually fall for this because Windows will have that pop-up saying that it's an untrusted executable
Man, you'd be surprised, someone young would, and with social engineering too it's game over. SWIM used to go into Minecraft servers, have a friend who (didn't know me) but would "download" my RAT and vouch for it to have worked (some Minecraft mod or a hack for it, even went as far as to make them in Java) and that's all it'd take for people to be tricked
Simple fix… obfuscation
@sysk3y-prod771 How would obfuscation fix that? It would still give you a popup before it runs telling you it's an executable, not an image.
I got hacked with this same trick three days ago; it made me erase all data from my PC. Thank God I realised quickly that I was being hacked, otherwise the attacker could have gone with my credentials. The attacker embedded the code in an unsuspicious link under a video tutorial, which I clicked, and that was all; it disabled everything on my computer.
@sysk3y-prod771 I thought I had responded to this, I think my other comment got auto flagged for some reason. Obfuscation would not fix the issue of a GUI popping up before you run the executable that tells you it's an executable, not an image.
It's scary how insecure Windows is, thanks for sharing
Won't this be detected by Windows Defender?
@menreikichan8291 it should be, but sometimes people turn it off for some reason
@menreikichan8291 not always
@menreikichan8291 yes, this will be detected by Windows Defender; that is why we should not disable Windows Defender in any case.
Not insecure, man, if you know how to handle the OS. People with less knowledge of the system will use the computer just for gaming or working, but I am experienced with the OS and a bit more with coding, so I have programs and some unofficial tweaks for my Windows. So far my system is good, and viruses are always detected, even background service viruses 😁
I love Z security for this reason . Their video is well explained and organized and so easy to understand the process ❤
Many YouTubers say it's an educational video but it's educating and updating a hacker for more features 😂😂 like here if you like it😂😂
if you know you know
This little trick has been around for years. It’s not teaching anyone anything new and there are plenty of ways to defend it. But that sword swings both ways. It may teach some new hackers something, but it also teaches everyone else what to look out for.
I always look for the extension to be not ".exe" ... but the reverse character is new to me.
So now I'll always also pay attention to filenames like "[filename] exe. [fileending]"
So this would also work if you send .pdf files to other people...
The fact that the name of these malicious files always end with "exe" can be helpful to spot them
Ty
@user-dk7os6hp4z You're welcome bro
Thank you. As a user, how to identify such a manipulated image?
I love these, I like to open the exe in IDA Pro, get the token and take control over the bot/channel it is. Noticing people use either Discord or Telegram as a command and control center, the biggest mistake is hard coding API or keys in the exe
For one trillion years I've been trapped in my own decaying dimension, waiting for a new universe to call my own.
Bro it took me few seconds to realize that it’s you. Looking great in beard.
Wow! This has been insightful to me about the trojan. Thanks a lot lot more, very thankful sir... Anyway, I have a question: will the victim PC always be connected to the server immediately when the victim is connected to the internet, or will it require the user to open the trojan file?
Any ideas/comments on the above question?
This technique is actually very old, I knew about it in the 2000s, but before that no one discussed this matter
brilliant steganography technique
Instead of turning off Windows Defender, you could add an exclusive folder or zone where the AV will not scan. I know some infostealers use this method
Do you mean the victim's PC Defender must be turned off so that the connection can pass?
@Compute_and_Hack no, Defender can still be on and active. If you add an exclusion zone you can run code without it being scanned by Defender and I think even AMSI
@Muziek37414 Thanks
I want to target Android. Is it the same for Android?
@Muziek37414 how please
Downloading a tool that will do all the work is kinda pointless. I thought you were gonna go through the theory.
Thank you
Thanks for guiding us for using VMware machine before practicing this work.
how old are you tbh. 😮
It's not working right now, fixed by Discord. Right?
@robinsonpk5867 is it working now
super i like it thanks for the valuable information.
Ah yes. The ultimate excuse. “For educational purposes only”
It's been ages men😢
Why aren't file extensions enabled by default? It just makes sense...
It might work until you have file extensions enabled or download it from an internet browser, there it will say "image.jpg.exe"
Wait!! After the user opening you should close the picture, not going to discord, as user will not stare at the BMW forever. :)
can u only control if the picture is open? then it's useless lol
@-zarex-6847 u can control even when they close it bc the RAT is hidden somewhere else, not in the photo
@chattf is that possible on mobile too, like when u install apk? I never opened photos on mobile but with anything else, like the base game apk is actually this virus?
@-zarex-6847 no clue
@zSecurity: What about emulator does are application.exe but the majority of them are not virus and the reason they are is to make sure the game work when you used the emulation since you need executable file to run the game.
if an image is hacker thing and your image opener makes them hack you get rid of it as a image program reads out the image colors at their positions and voila no hacking on to you, and this goes also for your videos,,,
Once the hack is done, I have the information about the victim machine so now my question is will the firewall be closed on the victim machine or is there nothing to do with it...?
if you have Windows Defender on will it still download and execute?
I'm using client built and it keeps telling me Windows can't find this; it opens the image but doesn't make it execute
Won't Windows Defender catch this if they click on the image??
This hugely complex security exploit can be easily avoided in any operating system if you just DON'T HIDE EXTENSIONS FOR KNOWN FILE TYPES
Perfect zsecurity guys
when someone opens it i can only do 2 commands before it just stops working can i have help?
Will antivirus on a Windows PC detect the backdoor when the user tries to download and view it?
Please ask them to keep waiting? I have dial up and it said I've got 8 months left until the image is completely downloaded!
During my internship I was a victim of this, the USB is encrypted
What's funny if you scan the virus on triage, it can log the bot's token the attacker is using and it can be used to login with a discord bot client and screw up their current operation
Basically sending a good dose of karma to the attacker
Maybe show to add some persistence? With powershell add on startup
Will it work if I have firewall to block new connection
My brother is going to have some trouble finding this one 😂
injected PIC, its new for you?
yoooo thanks so much
yeah, it's working but windows firewall detected (can u make video for win firewall to avoid malware in image)
new fear unlocked
Amazing video thanks a lot
Hey, what happens if the user is offline and then opens the file and deletes it in offline mode after finding nothing in the file?
Can we still have access?
The backdoor wouldn't be activated at that moment since the file couldn't establish a connection to the attacker's server or execute any malicious code while offline. But once the friend goes back online, if the backdoored image contains executable code or a script that initiates a connection to the attacker's server, the backdoor could potentially execute its malicious payload.
Will it execute if I right-click on file to go to properties but I already have XNView MP with shell extension to show me image preview in explorer?
With a keygen so You got all the virus You need
Any idea for android target setup?
Know the difference between steganography and evasion
I think the cons are the space of the file, it can be spotted
I'm gonna make this and put it on my friends and rickroll them 💀
This worked soo much on my school project i got A+ thanks
How are you managing to keep your YouTube channel covering hacker issues?
I had a channel with several hacker-related topics and YouTube, after I had 200 videos, deleted my channel.
How can you keep the videos?
You forgot to add for educational purposes 😂
@user-pv6mx4wi5x I put it in the video description that it was for educational purposes and even then it didn't allow it until a warning at the beginning of the video
You're not supposed to show everything in video, you shouldn't be showing malicious code on the screen and there shouldn't be a real victim 🚶 there's a grey area in the education section and it's pretty easy to cross over it 🚶 btw you can still send a takeout request to google for that channel even if it's terminated and you'll get permission to download your videos
Hii bro can u teach me how to start hacking...
When I click "build" it says Unhandled exception occurred in your app. Can anyone help?
Been a while since y'all posted. Shalom. Hehe. :3
I'm pretty sure most email providers will pick this up as malicious.
Yea easily, you need to learn by-passing AV and reverse engineering to make it undetectable.
me with image extensions turned on:
does it work on smartphones also?
It's work on mobile as well??
Much software like Telegram has auto download, which I hate, because so many strangers/scammers are messaging you with image messages.
You have to disable the download settings after setup or every installation, but for safety that setting must be disabled by default!
Form to input guild Id and server id is not opening
I tried this but when I tried to change the name and the picture it came with the same error "ATR not found"
Taking your course on udemy, thanks!
can you give it to me for free?
So why is a file allowed to be listed as jpeg if it's an app?
best Sir, but can u tell me how can we build in pdf file for android, kindly make a video for android and upload on channel, please
Sir where is your channel can you please give me the link of your channel
in my pocket
I always change the settings to show the file extensions and show the hidden and protected Windows files since the age of Windows XP, so clickbait won't work. Why don't they make these settings default? Hiding file extensions will just prevent people from learning some simple thing
What is the useful app to avoid hackers?
Type of file WEBP (.webp) what this?
When I clicked it then: "Oh no! You have no power here"
Operating System: Arch Linux BTW
linix dont work
Is this executable detected by AV??
Just embed the reversed Base64 of your payload after the 2nd byte in any jpg file. Image parsers will ignore it as Metadata.
And your image won't look suspicious.
No need for exe renaming tricks.
How does this work?
@Hello-eg8er I think he means instead of storing the payload inside the exe, just have the code in the exe read the image's metadata and parse it
How can you bypass Windows Defender or antivirus when the user clicks on it?
@mmtaqi8448 you can't. All files automatically get Mark of the Web (except ISOs and such)
Please the renaming can you edit later and modify the exe in the file name?. Thank
Please explain How to drive by download a malware virus and how to upload it for a phone can download it
We did this in 2006 😜 Easy to track keystrokes, screenshots, and more.
🎉. This is cool.
But, how do we bypass Windows Defender and antivirus being installed on Windows target
Use a crypter
@lolononojay9010 and where can I find good crypter??
@lolononojay9010 any free recommendations???
can you please suggest one or share with me one @lolononojay9010
Special thanks to do Discord , Github , MS-Windows Charmap for supports DIY malware(not really)
WINDOWS DEFENDER LAUGHED THIS !!!
hi ser is it working on phones
Antivirus in the corner laughing
I'll try this on you😂
Work on phone?
The biggest lie "This Video is for Educational Purpose Only"!
When I open up the script with the photo it says "Windows cannot find backdoor.exe. Make sure you typed the name correctly, and then try again"
you have to add the correct name of the exe file created with builder app or rename that to backdoor.exe. when u creating zip file use the correct name of it not the name in the video.
btw I tried the whole steps correctly, unfortunately it says this app doesn't support on my PC and I don't have any other device to test it😒, please let me know if it works for u.
We need an example for how to crack the cctv passwords if they are not default
Same here
.exe is too beginner that i automatically ignore when i enable extension in Windows Explorer. I prefer to have virus in an image file that i cannot complain
after 10 min my discord bot is offline how can i fix it?
Well that can be resolved by extracting the file and killing the virus service
Can kill windows security for this image?
Thank you for your precious time and knowledge. ❤
Teach how to embed a RAT (apk) into an image
Flipkart is very scandalous
is it undetectable by defender?
No
How to remove it from the machine ???? this should also be told in the video....
Just make new one
Is linux not feeling well does it need a vaccine
Still showing my icon only not my executable file😢😢 y pls someone should answer me😢
But how can you send this file? I mean, all programs such as Discord, email… recognize that it is a virus and block it?
You'll send zip file with password
Z security waiting for us to click this video
huh? wym