Hackers Are Waiting For You to Open This Image
ฝัง
- เผยแพร่เมื่อ 6 มิ.ย. 2024
- This video will show you how hackers can control your device using a trojan via discord!
🔴 Get $100 FREE credit on Linode to create your own cloud server (Valid for 60 days)👇
www.linode.com/zsecurity
------------------------------------------------------------------------------------
Maythom personal TH-cam channel: / @maythom
Patreon: / maythom
Instagram: / mayth0m
Twitter: / mayth0m
zSecurity Company - zsecurity.com/
Community - zsecurity.org/
zSecurity social media here ##
zSecurity Company - zsecurity.com/
Community - zsecurity.org/
Facebook - / zsecurity-145325078145...
Twitter - / _zsecurity_
Instagram - / zsecurity_org
Linkedin - / zsecurity-org
TikTok - / zsecurity_org
-------------------------------------------------------------------------------------
Resources:
Icon convert website: icoconvert.com/
Github Tool: moom825/Discord-RAT-2.0
WinRar: www.win-rar.com/download.html
------------------------------------------------------------------------------------
Timestamps:
0:00 - Intro
00:45 - Thanks to Linode!
01:33 - Installing the tool
02:35 - Clarification
03:29 - Creating a Discord Bot
04:32 - Creating a Discord Server
05:28 - Building the backdoor
07:55 - Building the trojan
10:50 - Trojan in Action!
13:56 - Securing Yourself from this
15:06 - Thank you!
-------------------------------------------------------------------------------------
⚠️ Please be advised that this video is made for educational security purposes only. Also note that you shouldn't test on devices that you don't have permissions to test. We always have the permissions granted to test the accounts/devices used on this channel.
I hereby affirm that the devices employed in this video are under my exclusive ownership, and the primary purpose of this content is strictly educational. It is of great importance to emphasize that this video does not, in any way, endorse or encourage any unethical activities.⚠️
The LEGENDARY line "For educational purposes only"....💀😎🥃
and we use it to spy unknown by saying educational purposes only 💀💀
@@rakiburshuvo09 of course they will tell you to the main purposes, but we must agree that is really cool.
Very legendary
How to negate all liability
People who did not heard the epik line: "oh yeahhhh baby its hecking time "
I was scanning the image files with my antivirus and my friend was laughing, now I am gonna send him that video :D
only jpg can hold data. not other extension.
I'm afraid it won't detect it anyway. Until you double click it is a compressed file.
just turn on show file extensions
How to identify: if you don't have file extensions enabled, do not open ones that appear with an extension, also scrs and com files are basically executable but com is old.
The file type whould be show as Application
I love Z security for this reason . Their video is well explained and organized and so easy to understand the process ❤
When they say "educational purposes only" you know they ain't gon bs around 💯🔥
This is cool but nobody would actually fall for this because windows will have that pop up saying that it’s an untrusted executable
Man youd be surprised, someone young would and with social engineering too its game over. SWIM used to go into minecraft servers have a friend who (didnt know me) but would "downlod" my rat and vouch for it to have worked(some minecraft mod or a hack for it, even went as far as to make them in java) and thats all itd take for people to be trucked
Simple fix… obfuscation
@@sysk3y-prod771How would obfuscation fix that? It would still give you a popup before it runs telling you its an executable not an image.
I got hack with this same trick three days ago it made me erase all data from my PC. Thank God I realised quickly that I was being hacked otherwise the attacker could have gone with my credentials. The attacker embedded the code in unsuspicious link under a video tutorial which I clicked and that was all it disabled everything on my computer.
@@sysk3y-prod771I thought I had responded to this, I think my other comment got auto flagged for some reason. Obfuscation would not fix the issue of a gui popping up before you run the executable that tells you its an executable not an image.
Will it execute if I right-click on file to go to properties but I already have XNView MP with shell extension to show me image preview in explorer?
With a keygen so You got all the virus You need
I always look for the extension to be not ".exe" ... but the reverse character is new to me.
So now I'll always also pay attention to filenames like "[filename] exe. [fileending]"
So this would also work if you send .pdf files to other people...
I love these , I like to open the exe in ida pro get the token and take control over the bot/ channel it is. Noticing people use either discord or telegrams as a command and control center , the biggest mistake is hard coding api or keys in the exe
its scary how insecure windows is, thanks for sharing
Won’t this be detected by windows defender?
@@menreikichan8291it should be but sometimes people turn it off for some reason
@@menreikichan8291not allways
@@menreikichan8291 yes this will detect by windows defender that is why we should not disable windows defender in any case.
Not insecure man if you know how to handle the OS. differently people with less knowledge with system will use computer just like gaming or working. but I am experiencing about OS and a bit more about coding. so I have a programs and some Un official tweaks for my windows. so my system so far so good and virus always detected even the services virus background 😁
thank you as a user how to identify such manipulated image
super i like it thanks for the valuable information.
Wow! This has been insightful to me about the trojan. Thanks a lot lot more, very thankful sir... Any way i have a question, will the victim PC always be connected to the server immediately when the victim is connected to the internet, or it will require the user to open the trojan file.
Any ideas/comments on the above question?
Thank you
@zSecurity: What about emulator does are application.exe but the majority of them are not virus and the reason they are is to make sure the game work when you used the emulation since you need executable file to run the game.
brilliant steganography technique
Bro it took me few seconds to realize that it’s you. Looking great in beard.
Thanks for guiding us for using VMware machine before practicing this work.
how old are you tbh. 😮
Its not working right now , fixed by discord. Right?
@@robinsonpk5867is it working now
It's been ages men😢
Perfect zsecurity guys
This technique is actually very old, I knew about it in the 2000s, but before that no one discussed this matter
For one trillion years I've been trapped in my own decaying dimension, waiting for a new universe to call my own.
if an image is hacker thing and your image opener makes them hack you get rid of it as a image program reads out the image colors at their positions and voila no hacking on to you, and this goes also for your videos,,,
Been a while since y'all posted. Shalom. Hehe. :3
It might work until you have file extensions enabled or download it from a internet browser, there it will say "image.jpg.exe"
Instead of turning off windows defender, you could add a exclusive folder or zone where the AV Wil not scan. I know some infostealers use this method
do you mean the victims PC defender must be turned off so that the connection can pass?
@@Compute_and_Hack no defender can still be on and active. If you add an exclution zone you can run code without it being scanned by defender and I think even amsi
@@Muziek37414 Thanks
I want to target android Is it same for android ?
@@Muziek37414 how please
im using clinet built and it keeps telling me windows cant fijd this it opens the image but dosent make it execute
Once the hack is done, I have the information about the victim machine so now my question is will the firewall be closed on the victim machine or is there nothing to do with it...?
yoooo thanks so much
The fact that the name of these malicious files always end with "exe" can be helpful to spot them
Ty
@@user-dk7os6hp4z You're welcome bro
Many youtubers says it's an educational vdieo but it's educating and updating an hacker for more features 😂😂 like here if you like it😂😂
if your know you know
This little trick has been around for years. It’s not teaching anyone anything new and there are plenty of ways to defend it. But that sword swings both ways. It may teach some new hackers something, but it also teaches everyone else what to look out for.
when someone opens it i can only do 2 commands before it just stops working can i have help?
if you have window defender on will it still download and execute?
Will it work if I have firewall to block new connection
Maybe show to add some persistence? With powershell add on startup
I want to target android Is it same for android ?
Why aren't file extensions enabled by default? It just makes sense...
Any idea for android target setup?
Will Anti Virus on windows PC detect the backdoor when the user try to download and view it?
Please ask them to keep waiting? I have dial up and it said I've got 8 months left until the image is completely downloaded!
Won't Windows defender catch this if they click on the image??
Wait!! After the user opening you should close the picture, not going to discord, as user will not stare at the BMW forever. :)
can u only Control if the picture is open? then Its useless lol
@@-zarex-6847 u can control even when they close it bc the rat is hidden some where else not in the photo
@@chattf is that possible on mobile too, like whne u install apk? I never openes photos on mobile but with anything else like the base Game apk is actually this Virus?
@@-zarex-6847 no clue
Form to input guild Id and server id is not opening
during my intern i was victim on this , the usb is encrypted
new fear unlocked
Amazing video thanks a lot
Hey what happen if user is offline and then open the file and deleted in offline mode by finding nothing on file
Can still we have access
the backdoor wouldn't be activated at that moment since the file couldn't establish a connection to the attacker's server or execute any malicious code while offline.but once the friend goes back online, if the backdoored image contains executable code or a script that initiates a connection to the attacker's server, the backdoor could potentially execute its malicious payload.
does it work on smartphones also?
yeah, it's working but windows firewall detected (can u make video for win firewall to avoid malware in image)
Downloading a tool that will do all the work is kinda pointless. I thought you where gonna go through the theory.
This worked soo much on my school project i got A+ thanks
It's work on mobile as well??
Is this executable is detected by Av??
What's funny if you scan the virus on triage, it can log the bot's token the attacker is using and it can be used to login with a discord bot client and screw up their current operation
Basically sending a good dose of karma to the attacker
Taking your course on udemy, thanks!
can you give it to me for free?
This hugely complex security exploit can be easily avoided in any operating system if you just DON'T HIDE EXTENSIONS FOR KNOWN FILE TYPES
When i click '' build " it says Unhandaled exeption occurred in your app. Can anyone help?
I tried this but when i tried to change the name and the picture it came with the same error ''ATR not found''
injected PIC, its new for you?
Type of file WEBP (.webp) what this?
Work on phone?
Many softwares like Telegram has auto download what I hate cause so many strangers/scammers messaging you with image messages.
You have to disable downloads settings after setup or every installation but for the safety that settings must be disabled as default!
Know the difference between steganography and evasion
So why is a file allowed to be listed as jpeg if its an app?
i think the cons are the space of the file , it can be spotted
Ill try this on you😂
My brother is going to have some troubble finding this one 😂
Please the renaming can you edit later and modify the exe in the file name?. Thank
Sir where is your channel can you please give me the link of your channel
in my pocket
hi ser is it working on phones
Still showing my icon only not my executable file😢😢 y pls someone should answer me😢
I'm pretty sure most email providers will pick this up as malicious.
Yea easily, you need to learn by-passing AV and reverse engineering to make it undetectable.
Mine is still showing the .ico extension y😢😢
after 10 min my discord bot is offline how can i fix it?
any other way other than discord?
What is the useful app to avoid hackers?
best Sir, but can u tell me how can we build in pdf file for android, kindly make a video for android and uplaod on channel, please
We did this in 2006 😜 Easy to track keystrokes, screenshots, and more.
Please explain How to drive by download a malware virus and how to upload it for a phone can download it
me with image extensions turned on:
Ah yes. The ultimate excuse. “For educational purposes only”
Sir how te create Android apps...
Well that can be resolved by extraction the file and kill the virus service
Thank you for your precious time and knowledge. ❤
.exe is too beginner that i automatically ignore when i enable extension in Windows Explorer. I prefer to have virus in an image file that i cannot complain
is it also work in androaid mobile?
Can kill windows security for this image?
I can't use any commands like !help. Help me please
im gonna make this and put it on my friends and rickroll them 💀
5:43
Just embed the reversed Base64 of your payload after the 2nd byte in any jpg file. Image parsers will ignore it as Metadata.
And your image won't look suspicious.
No need for exe renaming tricks.
How does this work?
@@Hello-eg8er i think he means instead of storing the payload inside the exe, just have the code in the exe read the images metadata and parse it
how you can bypass the windows defender or antivirus when the user click on it ?
@@mmtaqi8448 you can't. All files automatically get mark of the web (except ISOs and such)
Special thanks to do Discord , Github , MS-Windows Charmap for supports DIY malware(not really)
How are you managing to keep your TH-cam channel covering hacker issues?
I had a channel with several hacker-related topics and TH-cam, after I had 200 videos, deleted my channel.
How can you keep the videos?
You forgot to add for educational purposes 😂
@@user-pv6mx4wi5x I put it in the video description that it was for educational purposes and even then it didn't allow it until a warning at the beginning of the video
You're not supposed to show everything in video, you shouldn't be showing malicious code on the screen and there shouldn't be a real victim 🚶 there's a grey area in the education section and it's pretty easy to cross over it 🚶 btw you can still send a takeout request to google for that channel even if it's terminated and you'll get permission to download your videos
Hii bro can u teach me how to start hacking...
Yo this linode can people name 5 users who use it?
I always change the settings to show the files extension and show the hidden and protected windows files since the age of windows XP, so clickbait won't work , why don't they make these setting default? Hiding files extension will just prevent people from learning some simple thing
the bot doesnt works idk why
Teach how to embed a RAT(apk)into am image
But how can you sent this file. I mean all programs as discord, email… recognize that that is a virus a blocks it?
You'll send zip file with password
Flipkart is very scandalous
Please someone tell if it can be done to android device 🙏🙏🙏🙏
I cant even extract it it wont let me
No open discord application