The LEGENDARY line "For educational purposes only"....💀😎🥃
and we use it to spy unknown by saying educational purposes only 💀💀
@@rakiburshuvo09 of course they will tell you to the main purposes, but we must agree that is really cool.
Very legendary
How to negate all liability
People who did not hear the epic line: "oh yeahhhh baby its hecking time "
When they say "educational purposes only" you know they ain't gon bs around 💯🔥
I was scanning the image files with my antivirus and my friend was laughing, now I am gonna send him that video :D
only jpg can hold data. not other extension.
I'm afraid it won't detect it anyway. Until you double click it is a compressed file.
just turn on show file extensions
@@hollycow8171 An extension is part of a filename and is often used to identify the file format and associate it with the correct application. The meaning is to identify, an extension such as *.jpg says nothing about the actual file format.
A file format is identified beyond doubt on the basis of other characteristics, such as signatures, also known as magic bytes.
Every file format can hold data, how else would the whole construct work?
To say "only jpg can hold data. not other extension." is completely wrong in every respect.
@@Observer552 By default I think most antiviruses don't scan images.
Remember, the sample file in the video is still an executable, not a jpeg
How to identify: if you don't have file extensions enabled, do not open ones that appear with an extension, also scrs and com files are basically executable but com is old.
The file type would be shown as Application
.scr is old as hell and it's Windows screensavers since they had to package them as executables. It is redundant as nobody uses screensavers anymore; the whole system could use a revamp and get rid of this vulnerable file extension.
I love Z security for this reason . Their video is well explained and organized and so easy to understand the process ❤
It's scary how insecure Windows is, thanks for sharing
Won’t this be detected by windows defender?
@@menreikichan8291 it should be but sometimes people turn it off for some reason
@@menreikichan8291 not always
@@menreikichan8291 yes, this will be detected by Windows Defender; that is why we should not disable Windows Defender in any case.
Not insecure man if you know how to handle the OS. Differently, people with less knowledge with system will use computer just like gaming or working. But I am experiencing about OS and a bit more about coding, so I have programs and some unofficial tweaks for my Windows. So my system is so far so good and viruses are always detected, even the services virus background 😁
This is cool but nobody would actually fall for this because windows will have that pop up saying that it’s an untrusted executable
Man, you'd be surprised, someone young would, and with social engineering too it's game over. SWIM used to go into Minecraft servers, have a friend who (didn't know me) but would "download" my RAT and vouch for it to have worked (some Minecraft mod or a hack for it, even went as far as to make them in Java) and that's all it'd take for people to be tricked
Simple fix… obfuscation
@@sysk3y-prod771 How would obfuscation fix that? It would still give you a popup before it runs telling you it's an executable, not an image.
I got hacked with this same trick three days ago; it made me erase all data from my PC. Thank God I realised quickly that I was being hacked, otherwise the attacker could have gone with my credentials. The attacker embedded the code in an unsuspicious link under a video tutorial which I clicked, and that was all; it disabled everything on my computer.
@@sysk3y-prod771 I thought I had responded to this, I think my other comment got auto flagged for some reason. Obfuscation would not fix the issue of a GUI popping up before you run the executable that tells you it's an executable, not an image.
I always look for the extension to be not ".exe" ... but the reverse character is new to me.
So now I'll always also pay attention to filenames like "[filename] exe. [fileending]"
So this would also work if you send .pdf files to other people...
Thank you. As a user, how to identify such a manipulated image?
Wait!! After the user opening you should close the picture, not going to discord, as user will not stare at the BMW forever. :)
can u only Control if the picture is open? then Its useless lol
@chattf is that possible on mobile too, like when u install apk? I never open photos on mobile but with anything else like the base Game apk is actually this Virus?
What's funny if you scan the virus on triage, it can log the bot's token the attacker is using and it can be used to login with a discord bot client and screw up their current operation
Basically sending a good dose of karma to the attacker
Many YouTubers say it's an educational video but it's educating and updating a hacker for more features 😂😂 like here if you like it😂😂
if you know you know
This little trick has been around for years. It’s not teaching anyone anything new and there are plenty of ways to defend it. But that sword swings both ways. It may teach some new hackers something, but it also teaches everyone else what to look out for.
Instead of turning off Windows Defender, you could add an exclusive folder or zone where the AV will not scan. I know some infostealers use this method
do you mean the victim's PC Defender must be turned off so that the connection can pass?
@@Compute_and_Hack no, Defender can still be on and active. If you add an exclusion zone you can run code without it being scanned by Defender and I think even AMSI
@@Muziek37414 Thanks
I want to target android Is it same for android ?
@@Muziek37414 how please
Thanks for guiding us for using VMware machine before practicing this work.
how old are you tbh. 😮
It's not working right now, fixed by Discord. Right?
@@मृगदामिनी is it working now
brilliant steganography technique
Why aren't file extensions enabled by default? It just makes sense...
i write !help
but nothing works
if an image is hacker thing and your image opener makes them hack you get rid of it as a image program reads out the image colors at their positions and voila no hacking on to you, and this goes also for your videos,,,
Won't Windows defender catch this if they click on the image??
yes and noooooooooooooooooooooo fuck
It might work until you have file extensions enabled or download it from an internet browser, there it will say "image.jpg.exe"
How to remove it from the machine ???? this should also be told in the video....
Just make new one
super i like it thanks for the valuable information.
I love these, I like to open the exe in IDA Pro, get the token and take control over the bot/channel it is. Noticing people use either Discord or Telegram as a command and control center, the biggest mistake is hard coding API or keys in the exe
What about MacOS, is it more safe?
can we use it for educational purpose on in mobile phones....??
This hugely complex security exploit can be easily avoided in any operating system if you just DON'T HIDE EXTENSIONS FOR KNOWN FILE TYPES
Nice but not all the command works , any solution ?
This technique is actually very old, I knew about it in the 2000s, but before that no one discussed this matter
Bro what is the New technique ??
What should we do if we want more sessions
Will it execute if I right-click on file to go to properties but I already have XNView MP with shell extension to show me image preview in explorer?
With a keygen so You got all the virus You need
I'm using client built and it keeps telling me Windows can't find this; it opens the image but doesn't make it execute
I used to do this with a binder, it lets you select the file icon (jpeg/jpg icon), but the file extension is really an executable (.exe). Most folk have file extension off by default and fall for this, we used to go to chat rooms, pose as a woman, infect a lot of guys who were horny, caught a lot of child predators this way too, we usually wiped their hard drives. Moral of the story, google how to turn on file extensions, if the icon is a photo but shows .exe at the end of the file, never run it. You can even bind a .exe and .jpeg together, we had one time, where it showed a photo when you opened it but still ran the .exe. This was about 20 years ago, things were a bit different then. I explained this to show you an easy example how this trick is used in a real scenario.
The fact that the name of these malicious files always end with "exe" can be helpful to spot them
Ty
@@QuintonPearce You're welcome bro
@@RotatingLocomotive that literally doesn't help. + they don't always end with .exe bud
@@chug_jug200 They do bro. The trick is using a character so that the name will be written in reverse, so an exe file will always have "exe" at end before the fake extension
@@RotatingLocomotive but it's not always exe at the end bud.
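A defender-side check for two points raised in this thread: the extension says nothing about the real format (the magic bytes do), and a reversing character can make the displayed name end in a harmless-looking extension. This is an added example, not code from the video or from any commenter; the function names, the extension list beyond .exe/.scr/.com and the sample files are constructed for illustration.

```python
import unicodedata
from typing import List, Optional

# Unicode bidirectional controls that change the order in which a name is drawn.
BIDI_CONTROLS = set("\u200e\u200f\u202a\u202b\u202c\u202d\u202e\u2066\u2067\u2068\u2069")

# Extensions Windows runs as programs. .exe, .scr and .com come from the thread;
# the rest are an assumption added for this example.
EXECUTABLE_EXTS = {"exe", "scr", "com", "pif", "bat", "cmd"}

# Leading signatures ("magic bytes") of a few common formats.
SIGNATURES = [
    (b"\xff\xd8\xff", "jpeg"),
    (b"\x89PNG\r\n\x1a\n", "png"),
    (b"GIF87a", "gif"),
    (b"GIF89a", "gif"),
    (b"%PDF-", "pdf"),
    (b"MZ", "pe-executable"),
]
EXT_TO_FORMAT = {"jpg": "jpeg", "jpeg": "jpeg", "png": "png", "gif": "gif",
                 "pdf": "pdf", "exe": "pe-executable", "scr": "pe-executable"}


def sniff_format(head: bytes) -> Optional[str]:
    """Identify a format from the first bytes of the file, ignoring its name."""
    for magic, fmt in SIGNATURES:
        if head.startswith(magic):
            return fmt
    return None


def real_extension(name: str) -> str:
    """Extension of the name as stored on disk, which is what the OS acts on."""
    stored = "".join(ch for ch in name if ch not in BIDI_CONTROLS).rstrip(". ")
    return stored.rsplit(".", 1)[1].lower() if "." in stored else ""


def check_file(name: str, head: bytes) -> List[str]:
    """Return findings for one file given its stored name and first bytes."""
    findings = []
    for ch in sorted(set(name) & BIDI_CONTROLS):
        findings.append("bidi-control:" + unicodedata.name(ch))
    ext = real_extension(name)
    if ext in EXECUTABLE_EXTS:
        findings.append("executable-extension:." + ext)
    actual, claimed = sniff_format(head), EXT_TO_FORMAT.get(ext)
    if actual and claimed and actual != claimed:
        findings.append(f"content-mismatch:name says {claimed}, content is {actual}")
    return findings


if __name__ == "__main__":
    # Constructed samples: (stored name, first bytes of content).
    samples = [
        ("holiday\u202egpj.exe", b"MZ\x90\x00"),  # drawn as "holidayexe.jpg"
        ("image.jpg.exe", b"MZ\x90\x00"),
        ("photo.jpg", b"MZ\x90\x00"),
        ("photo.jpg", b"\xff\xd8\xff\xe0"),
    ]
    for name, head in samples:
        print(repr(name), "->", check_file(name, head) or "no findings")
```

The check works on the stored name, so it flags the file regardless of whether Explorer is set to show extensions.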
yeah, it's working but windows firewall detected (can u make video for win firewall to avoid malware in image)
As usual this kind of video doesn't make sense as Windows Defender will stop the program before executing ....
Use a crypter
@@lolononojay9010 how
which crypter should we use?
@@lolononojay9010
does it work on smartphones also?
when someone opens it i can only do 2 commands before it just stops working can i have help?
It's been ages men😢
Does it work now or not
It does not work no more?
I'm pretty sure most email providers will pick this up as malicious.
Yea easily, you need to learn by-passing AV and reverse engineering to make it undetectable.
Session successfully created but its not working please help me bro
why is the generated URL not there
Taking your course on udemy, thanks!
can you give it to me for free?
This is awesome 🎉add more like this,,, amazing
Will it work if I have firewall to block new connection
Wow! This has been insightful to me about the trojan. Thanks a lot lot more, very thankful sir... Anyway, I have a question: will the victim PC always be connected to the server immediately when the victim is connected to the internet, or will it require the user to open the trojan file?
Any ideas/comments on the above question?
Immediately, it starts with windows
injected PIC, its new for you?
new fear unlocked
Amazing video thanks a lot
Thank you
Once the hack is done, I have the information about the victim machine so now my question is will the firewall be closed on the victim machine or is there nothing to do with it...?
Please ask them to keep waiting? I have dial up and it said I've got 8 months left until the image is completely downloaded!
When I clicked it then: "Oh no! You have no power here"
Operating System: Arch Linux BTW
can you drag this picture into discord and it will show as a normal picture?
Can this image affect android also ??
that generated url does NOT appear
I recommend Bitdefender for antivirus and ZoneAlarm for Windows, Mac and maybe Linux
How are you managing to keep your YouTube channel covering hacker issues?
I had a channel with several hacker-related topics and YouTube, after I had 200 videos, deleted my channel.
How can you keep the videos?
You forgot to add for educational purposes 😂
@@SoniaAngel-j3e I put it in the video description that it was for educational purposes and even then it didn't allow it until a warning at the beginning of the video
You're not supposed to show everything in video, you shouldn't be showing malicious code on the screen and there shouldn't be a real victim 🚶 there's a grey area in the education section and it's pretty easy to cross over it 🚶 btw you can still send a takeout request to google for that channel even if it's terminated and you'll get permission to download your videos
Hii bro can u teach me how to start hacking...
The bot starts and creates the session but no commands work
How can i bypass antivirus
Command help not working :/
Is it samely works to target mobile phone?
So the victim needs winrar installed for the sfx to work ?
Does it work for android phone ? If it's work, then i willing to pay for the lesson
I always change the settings to show the files extension and show the hidden and protected windows files since the age of windows XP, so clickbait won't work , why don't they make these setting default? Hiding files extension will just prevent people from learning some simple thing
Not work, only works on Host own internet connection, vm dont pick it up
Type of file WEBP (.webp) what this?
Will this work in android
Can we do this with Android?
How to make this work on mobile?
worked in mobile or not using whatsapp ?
Won't this be detected by windows defender when I run it? I'm really scared of that virus now. I have never turned on the "Hide extension for known file types" but I still scared.
Is linux not feeling well does it need a vaccine
Bro it took me few seconds to realize that it’s you. Looking great in beard.
Will Anti Virus on windows PC detect the backdoor when the user try to download and view it?
Why does it not execute the !password and download command ?
Is is possible to do the same for an android?
It's work on mobile as well??
Can I use that one Zaid custom Kali machine....
So why is a file allowed to be listed as jpeg if its an app?
When I open up the script with the photo it says windows cannot find backdoor.exe make sure you typed the name correctly
And then try again
You have to add the correct name of the exe file created with the builder app or rename that to backdoor.exe. When you are creating the zip file, use the correct name of it, not the name in the video.
btw I tried the whole steps correctly, unfortunately it says this app doesn't support on my PC and I don't have any other device to test it😒, please let me know if it works for you.
When will this guy actually teach some valuable information, I am actually surprised on how he is this well known in the security field.
Downloading a tool that will do all the work is kinda pointless. I thought you were gonna go through the theory.
pointless?
@@chug_jug200 Yes pointless. It's just script kiddy stuff. You won't even know if that script will backfire on you. Remember to teach a man how to fish, don't give him one.
@@chudchadanstud I agree with everything, but it's not pointless. It's teaching basics of "hacking", and we all start somewhere.
hi ser is it working on phones
🎉. This is cool.
But, how do we bypass windows defender and antivirus being installed on windows target
Use a crypter
@@lolononojay9010 and where can i find good crypter??
@@lolononojay9010 any free recommendations???
can you please suggest one or share with me one @@lolononojay9010
I tried this but when i tried to change the name and the picture it came with the same error ''ATR not found''
Any idea for android target setup?
Does it hack phone?
No phones don't have executables they do have other ways but not exactly the same as here
What is the useful app to avoid hackers?
Is this executable is detected by Av??
Know the difference between steganography and evasion
during my intern i was victim on this , the usb is encrypted
when i send it on discord it just pops up this can be a virus and smth
Just embed the reversed Base64 of your payload after the 2nd byte in any jpg file. Image parsers will ignore it as Metadata.
And your image won't look suspicious.
No need for exe renaming tricks.
How does this work?
@@Hello-eg8er I think he means instead of storing the payload inside the exe, just have the code in the exe read the image's metadata and parse it
how you can bypass the windows defender or antivirus when the user click on it ?
@@mmtaqi8448 you can't. All files automatically get mark of the web (except ISOs and such)
When I click "build" it says Unhandled exception occurred in your app. Can anyone help?
the bot doesn't work idk why
u are really genius bro
Guys can someone please tell me if this is: 1. For real good and 2. safe to use?
i'm getting error to build "client-build"
can anyone help me!!!!!?
@zSecurity: What about emulator does are application.exe but the majority of them are not virus and the reason they are is to make sure the game work when you used the emulation since you need executable file to run the game.
it doesn't work