Instructor: Welcome back. In this video, I want to show you a cool way that you can make your executable seem and look like another file. So, what I'm going to do right now is I'm going to mask our shell.exe that we created from the previous video to look like a car image. And what you will need for this is you're going to need a car image, or basically it doesn't even have to be an image, or a car, it can be any file type that you want. If you want to create it to be a PDF file, you can. If you want to create it to be a jpeg file, you can. Just follow along, and the process of doing that is the same for every file type. So, two things you're going to need: a file that you want your executable to look like, and the executable itself. So, this is the same payload from the previous video, which is the regular Windows meterpreter shell. And what I'm going to do is I'm going to copy it to the desktop real quick. And once you've got these two files on your desktop, you are ready to go.
Now the first thing that we must do is we must make an ico file from this PNG file. And how can we do that? Well, we can just open Google Chrome or any search engine and type png to ico. You can navigate to the first link in case you chose a png file and it will lead you to this convertico.com, where it allows us to simply just upload our PNG image and it'll create an ico file with that image. So, I'm going to lower the screen, then, as it says right here, drop your PNG files. I will drop it right here. It'll take a few seconds. And right here our files should appear once it's done. Here it is. We can download it by pressing this arrow and it'll download the car.ico file for us. So, I'm going to show it in folder, paste it on my desktop, and now we are good to go. We got the car.png, which is the image. We got this car.ico, which we are going to use to make our executable have this icon right here. And we are going to merge it with this png image in order for, once the target executes our program, it also opens this image.
Let me show you how it would look. So, all you want to do, you want to select these two files, right click on them and click add to archive. Click on this. Right here there are a few settings that we must set. First, our archive format should be ZIP. Right here you want to check create SFX archive, and here you can name your file whatever you want. The only bad thing about this is that it will have an exe extension, but most people don't have extensions enabled on their Windows system, so this will not present that big of a problem. Okay, so let's go right here and call it car.exe. Then I want to go to the Advanced tab and click right here on SFX options. This will open this small window and we want to go through each step and set these settings accordingly. In the Update tab, you want to click Extract and update files. And in the Overwrite mode you want to Overwrite all files. Then if I go to the Text and icon tab here, we want to click on this Load SFX icon from the file. Click on Browse, find the ico file that you just created. In my case, it is on my desktop, so I'm going to select it.
Once you do that, you can move on to the next step. So, in the License tab there is nothing that we want to set here. Also, there is nothing that we want to set if I go to the Advanced, nothing. In Modes we want to click on Hide all and Unpack to temporary folder. After it, in the Setup, we want to write both of our file names. So, in the Run after extraction we want to type right here, shell.exe. Just make sure you type the file's name right here correctly. So, shell.exe is our executable and car.png is our image. Okay, good. Under the General, nothing here to do. So, once you set all of those options, you can click on OK and you can click right here on OK as well. And here it is. We got car.exe on our desktop. It has the icon of this image and once we go and execute it, it should also open this image. But in the background, it should also run our shell.exe. Let's test it out. But first we must set up our listener. So, open terminal, run msfconsole.
Let's set up our listener. So, multi/handler, set payload to be regular windows/meterpreter/reverse_tcp. LHOST will be the IP address of my Kali Linux machine and LPORT, if I remember correctly, was 5555. Now I can run this. This will start the listener. And if I go to my desktop and execute this file, well, for some reason it seems to have only opened this meterpreter shell and it didn't open the car image, and this is something that happens sometimes. So, we can try to change some of the settings in order to make this work, but in this case, it was just a late opening. So, here is the image, it opened right now. For some reason that took a few seconds. So, let's just run it once again just to see whether it'll open faster right now. So, I will run the listener once again and open car.exe. Hmm, it still seems to take some time even though our meterpreter shell is open.
So, what we can do instead of this is we can first of all exit this shell, close this image that opened 10 seconds after we executed, and we can start the msfconsole again, delete this file. And we are going to change one setting which will hopefully make our cover file execute faster. So, let's go once again, ZIP. Here we want to name the file to be car.exe, under the Advanced, SFX options. And here under the Setup is something that we want to change. So, last time we specified the shell.exe first. Right now, we are going to specify car.png first. And under it I'm going to specify shell.exe. Then I'm going to click right here, Hide all. In the General, nothing. In the Update, Extract and update files, Overwrite all files. Text and icon, let's select our ico file. In the License and Modes, there is nothing. So, let's just click on OK, it'll create our file once again.
Not sure why I closed msfconsole when, right now, we are going to set up our listener again in multi/handler, meterpreter, set LHOST and the LPORT. We want to run it, run the file, and now it opens the image straight away. Okay, so just make sure that you specified the image name first and then after it you can specify the shell name. And here we also got the meterpreter session opened. We can execute commands as usual. So, our program works well. It has an icon of an image, it also opens an image. The only problem is this exe extension, and there are some ways that you can fix this and make it seem like it doesn't have any extension, but most of those ways automatically get detected by any antivirus out there. Okay, great. Now that we covered this, we are ready to finally get into the post exploitation section.
And here we're going to go into details with the meterpreter shell, what options it has and what post exploitation modules we can run after hacking the target. See you in the next video.