@@The_Wafool "hacking" is not the same as "stealing people's data and damaging property". So no, hacking is not illegal. What is illegal is using means of hacking to commit actual crimes like stealing, harassing, damaging property, etc. In the same way that teaching people how to pick locks is not illegal either. Though, in many situations, people may state that "hacking" IS "stealing data" as an over simplification of the word. This over simplification causes confusion and makes people think that Hacking is (and can only be) the act of breaking security for the purpose of stealing (and other crimes), but you can hack without causing damage to anyone. Hacking is simply the act of bypassing of security measures, or breaking some other system to gain access or priveledges. But if you have been given permission by the right people to have such access or priveledges, then it's not illegal. And spreading awareness of computer security flaws, like how @ebolaman_ has done here, helps everyone to know how to protect themselves against these exploits. If this was not shown here, it will still be shown in other places where actual criminals hang out. Showing these security flaws can even lead to an eventual patch of the flaws. So keeping this information secret can be more dangerous to everyone.
.scr is an shortcut for screensaver executables. It's exactly the same as normal executables, but isn't .exe. EDIT: Also, it's better to change the shortcut executable to "cmd.exe /c .\image.png", because when you leave the full path (c:\users\boris\...), it only supports your location of the folder with your username. But still, good video.
? It doesnt have to have an educational use, he's educating on a subject, which makes the video educational. Whether that be if you were educated on how to infect other peoples machines or to better protect against having your own machine infected, this video was by definition educational as it taught something
@@infectieonUploaded images with machine code execution will get rejected because they're not REALLY images; The headers and offsets are wildly different and be considered corrupt or invalid. You only need to worry about fake 'images' stored directly on your file system, and make sure not to run them.
Also the reversed text trick used to spoof the file format works only on explorer and a gew other programs, in the most of apps this trick won't work and the original file format will be shown
the RLO trick is not gonna work since even Window Defender can catch this, it automatically consider the file as a trojan even when it's not harmful (test file)
Yeah this isn't actually a danger to anyone. The only reason windows isn't freaking out about the file is because it was made on his computer. If you were to upload that to the Internet and try running it on another computer it'd get instantly sent to the shadow realm by even the worst of anti viruses
@@ILoveTinfoilHats I tried making my own, and Windows Defender successfully stopped it from executing. Maybe the video uploader disabled Defender for the sake of the demonstration?
the RLO method doesn't work after uploading a file to 99.9% of file hosts online. you shouldn't be scared. if you're skeptical, you can always just right click and check the properties
RLO is super interesting and i didn't know about it. I tried it (win11) and actually windows defender flags it as a virus when I try to open it. So I guess MS already thought of that :P
cant you just disable extensions in file name, and just change the executable name to image.png it can be opened like exe but it will be showing an image
If you go to properties from the pictures app with it open what does it say? 3 dots and then to the bottom the properties button, it should have a directory path
I am a freelancer and sometimes I got files with the format of .scr from my clients saying those were the reference images Some say that this file contains some script or anything that would be dangerous for me or my contact information (even my bank account) So everytime someone send me .scr or any other type of suspicious format of images, I would always block them My question is, would this kind of thing works besides Windows? What if I open it up on Linux, Mac or even my Android phone? Is there possibility that the script still runs?
i understood the method but i didn't understand the purpose why we are doing that? when this will be useful and in what condition we should do that? can someone explain please ??
FICTIONAL: " a situation where a hacker have control of my pc, so i am dumb and he have access whith any desk or something like that, if he executes that on my pc using any desk or something, i can grab information from him like the IP, even if hes running from my pc using any desk ? "
Does anybody know if there are warning message implemented in Windows that Alert the user about this flip text character thing and or some shortcuts that start with cmd .exe which shouldn't based on the file that opens ?
All good until anybody who knows what their doing runs "file image.png" and the result is PE32 Windows Executable, if you wanted to actually try and spoof it you would change the first 8 identifier bytes to 137 80 78 71 13 10 26 10 so when that command is run it would state PNG Image File, also creating hidden folders is bad offsec cuz #1 it is easily found with a ls or dir command, #2 YOU ARE WRITING TO DISK (That is rule #1 of offsec you dont write to disk), #3 its only hidden under specific conditions via file explorer, oh also the creation of this will be logged in Active Directory along with the execution of the file
It's useful to know how they work. You can learn some interesting code too, help to defend people against malware and learn how to remove the persistent back doors. Just don't get hit by a crypto locker.
@@Yazan_Majdalawiit will, but who looks at that In fact many scammers will just name it "pic.png.scr" and hope that the victim has the "hide known file extensions" option enabled, because it's still the default on Windows lmao
this is old one, if you do this, even Window Defender can catch this, it automatically consider the file as a trojan even when it's not harmful (test file)
Good video. Knowing how to do dangerous things helps in defending against them. For example, to defend yourself against this, use a custom system icon pack and disable thumbnails. No antivirus needed or keeping your eyes peeled for extensions. Also, your default icons look cooler.
Doesn't help if you're a high value target, the real trick is to know Windows screensavers are autoran executables, and to check the file type. Or use Unix because NT has one of the most comprehensive filesystem permission systems ever that doesn't have execute as an attribute.
You can also just have file extensions visible by default. But the more steps you take, the safer you'll be. The scary part is that these changes only help you if you know what you're looking for. Imagine the normal user...
@@pinguluk1 no that’s not possible because of how discord works. When you send an image, discord harvests that information and displays the image, more or less like a middleman, in other words it’s literally just an image, you can’t hide executables in it.
@@pinguluk1 yeah there somewhat was. for others in the replies: .WebP (note; webp wasn't the only thing that was exploited nor was it only discord related but its the one with most information.)
RLO is already detected by most AV's .scr is also detected by most AV's now and will be stopped by WD smart screen. the .lnk method works but will be caught by behavior dynamic analysis which most AV's have. double masquerade extensions will also be caught and stopped by smartscreen.
webhook.exe is just a placeholder (so i dont get banned), you can use the methods in this video with a token logger, rat, etc
very *Educational Purposes
you do realize computer hacking is very illegal
have how send the code of the weehook.exe
@@The_Wafool "hacking" is not the same as "stealing people's data and damaging property". So no, hacking is not illegal. What is illegal is using means of hacking to commit actual crimes like stealing, harassing, damaging property, etc. In the same way that teaching people how to pick locks is not illegal either.
Though, in many situations, people may state that "hacking" IS "stealing data" as an over simplification of the word. This over simplification causes confusion and makes people think that Hacking is (and can only be) the act of breaking security for the purpose of stealing (and other crimes), but you can hack without causing damage to anyone. Hacking is simply the act of bypassing of security measures, or breaking some other system to gain access or priveledges. But if you have been given permission by the right people to have such access or priveledges, then it's not illegal.
And spreading awareness of computer security flaws, like how @ebolaman_ has done here, helps everyone to know how to protect themselves against these exploits. If this was not shown here, it will still be shown in other places where actual criminals hang out. Showing these security flaws can even lead to an eventual patch of the flaws. So keeping this information secret can be more dangerous to everyone.
@@The_Wafoolno way, its very much legal man what are you talking about?
Educational purposes is pretty much the universal dev excuse now
I guess it is the same for nudity counting as art.
@@F1L337t w i t c h
Not really, he showed us how is it made so now we're aware how to be careful in case of sus file
it is educational init
I have soo many *educational purpose* ideas!!!🤣🤣
.scr is an shortcut for screensaver executables. It's exactly the same as normal executables, but isn't .exe.
EDIT: Also, it's better to change the shortcut executable to "cmd.exe /c .\image.png", because when you leave the full path (c:\users\boris\...), it only supports your location of the folder with your username. But still, good video.
True but you're sending it to someone else anyways
Wtf .scr is 'script' not 'screenshare'
@@андрей_свиридов it's Screensaver
@@андрей_свиридовeveryone is wrong it’s screen saver😂
@@Meletion1 yeah, that too. I have bubbles.scr installed as my Win11 screensaver :)
bro is helping the scammers😭
You can embed code inside an LNK file, and have the link file run it, so you could also fit an image inside an LNK and do it that way!
fun fact: there is no educational use for thst
I am taking Cybersecurity as a trade, this is educational to me.
:D
how come? I learnt that Win is still a mess in these days.
? It doesnt have to have an educational use, he's educating on a subject, which makes the video educational.
Whether that be if you were educated on how to infect other peoples machines or to better protect against having your own machine infected, this video was by definition educational as it taught something
@@Noahitis that comment was from 5 months ago...
@@MiguelWilson0 people comment on my stuff from 6 years ago, it doesn't change the validity of what I just said
Now I'm scared for images. Luckily I'm on linux so no exe's, but still scary to think how easy it is to hide the real file extension
So ANY image on discord could be laced like this??? Wtf how do you even stay safe from this? Idk how to work linux
@@infectieonUploaded images with machine code execution will get rejected because they're not REALLY images; The headers and offsets are wildly different and be considered corrupt or invalid. You only need to worry about fake 'images' stored directly on your file system, and make sure not to run them.
Also the reversed text trick used to spoof the file format works only on explorer and a gew other programs, in the most of apps this trick won't work and the original file format will be shown
"linux is free if your time is worthless" proceeds to get hacked by an image
@@CluelessGeekthis was the cause by my change to dual boot windows/linux to just linux 😅
the RLO trick is not gonna work since even Window Defender can catch this, it automatically consider the file as a trojan even when it's not harmful (test file)
Yeah this isn't actually a danger to anyone. The only reason windows isn't freaking out about the file is because it was made on his computer. If you were to upload that to the Internet and try running it on another computer it'd get instantly sent to the shadow realm by even the worst of anti viruses
@@ILoveTinfoilHats I tried making my own, and Windows Defender successfully stopped it from executing. Maybe the video uploader disabled Defender for the sake of the demonstration?
@@Lar_me yes exactly my point, even the crappiest of antivirus programs would catch this low-level bug
This is scary simple. I don't know if I am suppose to be scared or surprised.
you can check the file extension and size when downloading files
both
Have you watched the entire video? because it can look like a png or whatever file and still run as a cmd. @@kamimatsuyama
the RLO method doesn't work after uploading a file to 99.9% of file hosts online. you shouldn't be scared. if you're skeptical, you can always just right click and check the properties
Thanks to you, now malware creators will make the fake pngs
def gonna use this for educational purposes
thanks, now i "educationally" know how to give someone a virus.
Now I am immensely paranoid of all of those background remover and image downloading websites I have visited in the past! Wonderful!
You are telling me that I can get a malware just by downloading an "image" and can't prevent this huh. Nice.
nice dude, next turorial: how to empty someone bank account (just educational)
This is getting out of hands
Thank you tho
I’m literally working on defense against file extensions and file uploads right now… gonna see if spoofed files get through what I wrote.
i'm torn over liking this for the educational purpose but also not liking so less people use this maliciously. nice explanation tho, kinda scary
Now I'm scared of discord img
Thats why I always use the “show file extension names” option
doesnt save you buddy
Man i remember doing this in like 2001
Old person.
I wasn't even born yet lmao. You're awesome 😎💯
Yes thats what i says its too old 😂😂
damn good research and microsoft needs to address this immediately lol
This can be both life saver and life ruiner💀
Thank you! I just hacked tens of thousands of poor souls who thought i sent them a picture of a puppy! 😃
Esto podría ser bastante útil algún dia en el sentido "educativo"
Educational purposes only is the special key to not getting banned
Hi I noticed that there is no multi-tool video at your place. Could you please share this video on e.g. Google Drive or something else.
github.com/EbolaMan-YT/Multi-Tool
@@ebolaman_ thank you good person!!
Ngl downloading a file from this guy is the last thing I would do
Now we ratting les go
RLO is super interesting and i didn't know about it. I tried it (win11) and actually windows defender flags it as a virus when I try to open it. So I guess MS already thought of that :P
underrated content creator
cant you just disable extensions in file name, and just change the executable name to image.png
it can be opened like exe but it will be showing an image
when i do extention spoof #3 the output file is (img name).png.lnk why?
.lnk is the shortcut extension
dude I had to watch your video at 0.75 speed
Release the code that sends the message to the webhook as well as to the logger.
the code that sends the message to the webhook is an placeholder for a token logger
C# ? C++ ? Python ?
c#@@KyuDoesCode
Look for it on google
Finally, garfield image.
This is crazy thanks!!
How do we reverse this process for an image we suspect is hiding an EXE?
just open it with notepad or on your browser, you should see the differences
If you go to properties from the pictures app with it open what does it say? 3 dots and then to the bottom the properties button, it should have a directory path
When uploading it on discord, does it act like an actual png. Also what stubs do you recommend for roblox
idk abt roblox stubs but yeah it only works w discord if u zip it
@@ebolaman_ damn, are there any stubs you'd recommend
@@phsycdelicjs learn c stop being a skid >w
@@omggggggggg-jkyssmalware in C is very annoying to make
@@phsycdelicwhy u wanna beam so bad😂😂😂
Hello bro can you make video about how to create this type of thing like which can send message to email or telegram or discord
I am a freelancer and sometimes I got files with the format of .scr from my clients saying those were the reference images
Some say that this file contains some script or anything that would be dangerous for me or my contact information (even my bank account)
So everytime someone send me .scr or any other type of suspicious format of images, I would always block them
My question is, would this kind of thing works besides Windows? What if I open it up on Linux, Mac or even my Android phone? Is there possibility that the script still runs?
no
THANK YOOU
nppp
I'm impressed by RLO, I didn't know.
the person who put this in a garn47 playlist you lied
Bro I love ur content pls make more vids!!!!
u a w fr fr love u bro
i understood the method but i didn't understand the purpose why we are doing that? when this will be useful and in what condition we should do that? can someone explain please ??
check pinned comment
to make trojjan and other type of virus out of it or just less destructive and illegal stuff like trolling your friend
I know you're saying this is for "educational purposes" but this mainly enables bad actors to do these kinda of stuff
are you dumb...
I was doing exactly the same when i was 10
Damn, now I won't be able to open any file.
I'm here for a tutorial on converting an exe file into a literal image file and not a tutorial on how to do a file extension spoofing
Can you make a educational purposes video only on how to make a fud file (Fully Undeticatalbe)
So how do you get somebody’s cookies off a image logger
Thanks ebola man!
security threat
How about file signature?
wait, i wanna know more about that, wdym by that ?
FICTIONAL: " a situation where a hacker have control of my pc, so i am dumb and he have access whith any desk or something like that, if he executes that on my pc using any desk or something, i can grab information from him like the IP, even if hes running from my pc using any desk ? "
Windows 10 + Windows XP = The Desktop you Have lol
how can you make one that pulls discord tokens
maybe it’s tough tho
Why would i need this?
Idk
an angel omfg
I'm now scared to open any file, thanks
what file do you put in how do u make a webhoot file like tht and put it in
use a token grabber
i just found your channel and idk if you have already done it but can you show how to make a basic webhook
good video bro thanks
can you make a tutorial how i can see if someone send me a file like that?
That is terrifying! But so smart 🤯!
why don't you just use an ICO file instead of merging with an image?
thats op this could get in the wrong hands
How did you make in send the username of the PC?
One more for my paranoid list
Bro, how to make a undetectable keylogger
very good men
The shortcut method is kinda cringe. But the RLO shit is genius
Thanks, never opening a .rar file again lmao.
Where did you got the image.ico pls ? I want a mp4.ico but idk where to find it or how to extract the icon from my .mp4 file
did you founded ?
I own a WinRAR license
ok
Does anybody know if there are warning message implemented in Windows that Alert the user about this flip text character thing and or some shortcuts that start with cmd .exe which shouldn't based on the file that opens ?
yup defender detects it
How do you make the webhook tho
All good until anybody who knows what their doing runs "file image.png" and the result is PE32 Windows Executable, if you wanted to actually try and spoof it you would change the first 8 identifier bytes to 137 80 78 71 13 10 26 10 so when that command is run it would state PNG Image File, also creating hidden folders is bad offsec cuz #1 it is easily found with a ls or dir command, #2 YOU ARE WRITING TO DISK (That is rule #1 of offsec you dont write to disk), #3 its only hidden under specific conditions via file explorer, oh also the creation of this will be logged in Active Directory along with the execution of the file
how to make the data from the exe file come to you in discord via a web hook
token logger off github
malware tutorial 😭
thatts his whole channel
lol
@niikolehmainen Real.
@koolehmainen sure but I'm on Linux so idk if it'll work the same
It's useful to know how they work. You can learn some interesting code too, help to defend people against malware and learn how to remove the persistent back doors. Just don't get hit by a crypto locker.
That right to left override character in the filename was absolutely devious
But I think the extension in the properties menu would still be the right one
@@Yazan_Majdalawiit will, but who looks at that
In fact many scammers will just name it "pic.png.scr" and hope that the victim has the "hide known file extensions" option enabled, because it's still the default on Windows lmao
@@Archimedes.5000man.. Windows. I'd be on Linux still if devs supported their stuff on it more
the phrase educational purposes only is the one thing keeping this channel from not being cancalled
He hasnt done anything illegal.
Y can hide virus by this method @@MAGNETO-i1i
It's not like he is going to distribute any zero day exploit through youtube video.
instructions unclear:
Im in the prison cell and re-watching this video
Bro you literally got the the info i was finding for 2 years
I was tryna find this for so long and this was here the whole time????
frr
The question is whether windows defender detects it as malicious? Or does it depends upton the the exe that is being executed.
Shit I was doing 25 years ago
@@xodzphone I was doing it 50 years ago
The RLO trick is actually something I didn't know even as a CS student, thanks!
this is old one, if you do this, even Window Defender can catch this, it automatically consider the file as a trojan even when it's not harmful (test file)
@@catorlife can confirm, it's been like this for a while now
The name will go back to it's original form once you upload it somewhere, so not useful even if the target has no antivirus
there are file managers that separate extension from rest of name like double commander
Wow even as a CS student ? Xdd
educational purpose only. Enjoy 💀
Good video. Knowing how to do dangerous things helps in defending against them. For example, to defend yourself against this, use a custom system icon pack and disable thumbnails. No antivirus needed or keeping your eyes peeled for extensions. Also, your default icons look cooler.
Could you tell that how do you switch to a custom system pack and disable thumbnails
@@Cryptocurrency69 ask Google
@@Cryptocurrency69 Both answers depend on your operating system. You'll have to ask mama Google.
Doesn't help if you're a high value target, the real trick is to know Windows screensavers are autoran executables, and to check the file type. Or use Unix because NT has one of the most comprehensive filesystem permission systems ever that doesn't have execute as an attribute.
You can also just have file extensions visible by default. But the more steps you take, the safer you'll be. The scary part is that these changes only help you if you know what you're looking for. Imagine the normal user...
bro's channel is surviving with the educational purposes excuse
:)))))))))))))))))
I remember this video
The amount of people who think that clicking the image sent on discord will execute it is hilarious
Wasn't there an exploit that basically did that?
They just send the embed from a other device once they click the image it’s all a scam
@@pinguluk1 no that’s not possible because of how discord works. When you send an image, discord harvests that information and displays the image, more or less like a middleman, in other words it’s literally just an image, you can’t hide executables in it.
thats why you only look at the embed
@@pinguluk1 yeah there somewhat was. for others in the replies: .WebP (note; webp wasn't the only thing that was exploited nor was it only discord related but its the one with most information.)
RLO is already detected by most AV's
.scr is also detected by most AV's now and will be stopped by WD smart screen.
the .lnk method works but will be caught by behavior dynamic analysis which most AV's have.
double masquerade extensions will also be caught and stopped by smartscreen.
Is Windows Defender included in "most AV's"?
@@phir9255probably yeah wd is the most annoying av because it just does to much I don't have it because it even blocks my work
@@phir9255windows defender is an AV (anti-virus software) preloaded with the windows OS
@@phir9255likely
@@phir9255 considering windows defender is default installed on all windows operating system, then yes it would be considered part of “Most AV’s”
Insane most of this stuff is just baked into the OS.. Windows really has no regard for user safety
Damn its very rare that i find interesting channels ln UA-cam
ok how to avoid it now
don't download anything
damn it, the RLO trick is quite surprising, for things like this you just better drag the file to the image editor
this is very improtant not for scamming but for being aware so its very important also this teaches u that the best antivirus is you
that's really cool! im not interested in doing this but i like the style of your videos and your explanation. Subbed.
Its just wow 🤯
So nicely explained straight to the point!