I made an implant where target device connects back to c2, I was thinking of an idea to somehow make it more user-friendly for windows users, and here you provided ma lead, thanks brother!
This video is genuinely brilliant! It's one of the things I really admire about this field: using standard stuff differently and creatively! Thanks John!
Really great info even for general users who would like to spot these tricks. I always had a funny feeling about LNK files, and examined every one which I downloaded before executing.
PKZIP (.zip files) will polyglot with almost anything since they put all their header information at the end of the file rather than at the beginning. in fact pretty much all self extracting zip files that exist are extremely-easy-to-create .exe/.zip polyglots. you take a generic exe zip extractor that tries to open itself as a zip file and just concatenate whatever zip file you want.
@@iWhacko yep this. Or even as a standalone with a shortcut to a site, and lolbin download of another payload in the bg. But normally I'd just drop one in an open share of an internal.
I had this doubt (can we alter this application) since I accidentally opened a software's shortcut with VS Code and got to see this whole messy binary thing, and thankfully I understand now. So thankyou for this video :)
Please help, If I try this with a .lnk file extension with the copy command I get an error saying that the system can not find the file, but if I try it with a .png or any other type file it sees it. PLEASE HELP 6 hours in!!!🤔🥴
after connected with kali a windows machine, what are the commands i can run for showing data of victim machine, if i start anything that thing opens in victim machine, show how can I use victim's computer
I dont see the need for having the .lnk data in the start of the .lnk file, if we are just going to change the target anyway, why not just write a hta file, change the file extention to .lnk and do the same. Wondering if I'm missing something here
To keep things at stealthy as possible and still be functional. A .lnk file will fly under the radar for most users, especially if it looks like it's for an application you have installed. A random .hta file showing up anywhere would raise a few alarm bells or at least a furrowed eyebrow or two. With a .lnk file, you can set the properties of it like icon etc. to obscure its true function even further. A .hta file that's been renamed to a .lnk file will just give an error when someone tries to run it because windows will treat it like a .lnk file.
if it's renamed to .lnk windows will treat it as a link and give you an error because it doesn't know how to interpret the data as a .lnk file. you specify how to run it using mshta.
guys i need to know is ai the go to for subnet solving now, like literally is it , and by the way john i hear you mentioning opening the flood gates by learning programming first ,i have books but its so theory based and im a hands on guy can you make a in depth video of your theory
It is my unfolded Thanksgiving for your restless and selflessly working for the benefit of needy users like me who founded in the edge of cliff resulting me loose up trust from someone who is presenting youtube videos help fix problems with Google betrayal to privacy, selling users data and irresponsible in stay safe to google account and passwards etc was pushing me to the new" IT and Hacking courses" inorder providing study,, knowledge and skill on how to get out of problems indepently by using my ip adress, google account network,wifi since months ago. This is one of usefully presented video out of what you have share users, especially me from the day of onsets of these problems.
excuse me Mr. Hammond, i have a question. If you have windows defender running, this lnk "malware" file can bypass it or it will be blocked when executed?
I was thinking about someone on TH-cam comments, or in a live chat, I forgot where, who said that he/she hates people that talk with their hands. Hahahaha. Seeing you talk with your hands, like I, and many of us do, reminded me of that. I'm part Italian, and Italians are known for talking with their hands. :3 Cheers, brother! Shalom. 🤝😁
Is this pay what you can training only available in America or something? The lowest you can pay is $295 - I don’t understand why it is called pay what you can, when it isn’t pay what you can at all.
That price is for access to their Cyber Range. You can buy the 16 hour SOC Core course for $25, but you don't get access to their infrastructure nor their labs running on there. Honestly, $295 for access to an industry leader Cyber Range is worth it.
im in europe, if you go through the registration process at the last option you can choose how much to pay. It used to be free, but I think they changed it to 25usd so they get less no-shows, since people who pay nothing don't lose anything by not showing up.
october to end of december is always pretty busy for anyone in cs field. the man can take a break i think. 😂 "cHaNnEl DyInG" naw man thats not gonna happen
I made an implant where target device connects back to c2, I was thinking of an idea to somehow make it more user-friendly for windows users, and here you provided ma lead, thanks brother!
This video is genuinely brilliant! It's one of the things I really admire about this field: using standard stuff differently and creatively!
Thanks John!
Research LOLBAS if you liked this :)
Best way to get control
How to use? @@apekatt2007
Really great info even for general users who would like to spot these tricks. I always had a funny feeling about LNK files, and examined every one which I downloaded before executing.
Very nice video! As a cybersecurity master student, i really enjoy this content. Also, i envy your hair
Are there any other interesting polyglot file format hybrids that exist? Seems like an interesting video series idea
PKZIP (.zip files) will polyglot with almost anything since they put all their header information at the end of the file rather than at the beginning. in fact pretty much all self extracting zip files that exist are extremely-easy-to-create .exe/.zip polyglots. you take a generic exe zip extractor that tries to open itself as a zip file and just concatenate whatever zip file you want.
fun pranks to try in the school computer lab vol. 2
0:15 : Interesting....🤔
Ive been waiting for this master piece of a video!
Windows has a MAX_PATH variable in C that is 256 bytes, therefore, anything taking in a path (even if you /c cmd) will be limited to 256 bytes
That watch is SOOOOOOOPERRRRR.... DOPE!!
This thing is so powerfull. Very nice video!
many of your videos are mindblowing to me, but you weaponized shortcuts here !!!
I remember doing this lnk thing to be able to play diablo 2 in windowed mode by adding a -w at the end :p
How would you deploy it tho? (Curious as a nontech [IT-ignorant] individual)
post exploitation
@@MoofyYT I realise that. What I was unsure about is whether it's just snooping or also tagging and backdoor -- again, being an nontech individual
@@MoofyYT or even email it in a zip file with other innocent files, and hope the person runs it
@@iWhacko yep this. Or even as a standalone with a shortcut to a site, and lolbin download of another payload in the bg. But normally I'd just drop one in an open share of an internal.
When you copy that malicious hta file to the exe, it becomes gibberish. Is there any way to extract the hta?
Keep Going Up❤❤
I had this doubt (can we alter this application) since I accidentally opened a software's shortcut with VS Code and got to see this whole messy binary thing, and thankfully I understand now. So thankyou for this video :)
Regular Hackers: Just open this file!
John: Just open google chrome
Please help, If I try this with a .lnk file extension with the copy command I get an error saying that the system can not find the file, but if I try it with a .png or any other type file it sees it. PLEASE HELP 6
hours in!!!🤔🥴
Brilliant creativity bro😁😁
after connected with kali a windows machine, what are the commands i can run for showing data of victim machine, if i start anything that thing opens in victim machine, show how can I use victim's computer
so if .ink extension is a doubftul file meaning can it be mwalre bro
Quite informative video, John. Thanks for your hard work!!!
THIS IS FIXED BY NOW RIGHT?? I JUST TRIED IT AND IT DOESN'T WORK SO I'M HOPING ITS FIXED AND I'M NOT JUST FUMBLING SOMETHING
nevermind...super bowl mode fumbles
can you embed with .pdf file ?
You are on sponsored!
Love your Red Team shirt where can I buy one? I want to get that shirt! Thanks
I dont see the need for having the .lnk data in the start of the .lnk file, if we are just going to change the target anyway, why not just write a hta file, change the file extention to .lnk and do the same. Wondering if I'm missing something here
To keep things at stealthy as possible and still be functional. A .lnk file will fly under the radar for most users, especially if it looks like it's for an application you have installed. A random .hta file showing up anywhere would raise a few alarm bells or at least a furrowed eyebrow or two.
With a .lnk file, you can set the properties of it like icon etc. to obscure its true function even further. A .hta file that's been renamed to a .lnk file will just give an error when someone tries to run it because windows will treat it like a .lnk file.
if it's renamed to .lnk windows will treat it as a link and give you an error because it doesn't know how to interpret the data as a .lnk file. you specify how to run it using mshta.
sir awesome stuff... please upload more videos about this kind of topic.... seriously awesome....we love you sir❤
really creative solution!
guys i need to know is ai the go to for subnet solving now, like literally is it , and by the way john i hear you mentioning opening the flood gates by learning programming first ,i have books but its so theory based and im a hands on guy can you make a in depth video of your theory
I was hacked by this same method
Thank you, now I see those little fellars with different eyes. 😂
What a good rat program and where to get?
Awesome video jhon❤❤ 🇮🇳🇮🇳🇮🇳🇮🇳❤❤
John really appreciate how you take informative information and present it simply and effectively. Love your channel.
🍔
i just deleted all my shortcuts.... thanks :)
Too late , lol
Oh wow this is really cool!
I have been here 5 minutes since the video has been uploaded
Can it run calc.exe? Yes, it can! ❤
Polyglot is a pretty senseless way to call it.. conglomerate? heck, even alloy makes more sense.
You can't get away with this.
More malware super good
vbscript soon deprecated
but MS just have added full blown python-support into ms-excel , gotta luv MS for adding some additional attack-vectors.
I've followed the instructions to the latter and it doesn't seem to work on the reverse shell part
@@MADhatter_AIMdoest the python run on their servers, and only available for paying people
thank you John!
Love the out of the box thinking in an easy to follow process
N O I I C E ! ! 👏👏👍🏼👍🏼
plss help me my microsoft account is hacked plss reply
It is my unfolded Thanksgiving for your restless and selflessly working for the benefit of needy users like me who founded in the edge of cliff resulting me loose up trust from someone who is presenting youtube videos help fix problems with Google betrayal to privacy, selling users data and irresponsible in stay safe to google account and passwards etc was pushing me to the new" IT and Hacking courses" inorder providing study,, knowledge and skill on how to get out of problems indepently by using my ip adress, google account network,wifi since months ago.
This is one of usefully presented video out of what you have share users, especially me from the day of onsets of these problems.
Jhon ever with nice content
how to make every video fun and intersting ??? it is easy just be john hammond !
Now defender is detected ink shortcut to run any comments,...
excuse me Mr. Hammond, i have a question. If you have windows defender running, this lnk "malware" file can bypass it or it will be blocked when executed?
it can run, but depending on the script it might be detected. the standard metasploit payload will most likely be detected.
I Enjoyed ,you are genius I love you thank you very much 🤩😍😍
I was thinking about someone on TH-cam comments, or in a live chat, I forgot where, who said that he/she hates people that talk with their hands. Hahahaha. Seeing you talk with your hands, like I, and many of us do, reminded me of that. I'm part Italian, and Italians are known for talking with their hands. :3 Cheers, brother! Shalom. 🤝😁
Weird, dude
It's boring to look at someone completely motionless talk
i made a shortcut to run a bat that would run a powershell script that would run a script embedded in a image
Goooooooooooooooooooood 🎉
Amazed!
Sir can you help me to get back my money i got scam
Early crew. :3
Very nice
You should help Ukraine with your cyber skills! I learned some of my most advanced skills here
INTERESTING!
Is this pay what you can training only available in America or something? The lowest you can pay is $295 - I don’t understand why it is called pay what you can, when it isn’t pay what you can at all.
Did you click on the course and actually go through until you choose a payment option?
That price is for access to their Cyber Range. You can buy the 16 hour SOC Core course for $25, but you don't get access to their infrastructure nor their labs running on there. Honestly, $295 for access to an industry leader Cyber Range is worth it.
@@xCheddarB0b42x His point was that the slogan is misleading, not that it is expensive
im in europe, if you go through the registration process at the last option you can choose how much to pay. It used to be free, but I think they changed it to 25usd so they get less no-shows, since people who pay nothing don't lose anything by not showing up.
@@apekatt2007 it's not, though
Creative tutorial
wtf how
I'm first ❤😂
Interesting!!!
Hi
Yooo
8 minutes I’m in.
Eh
i enjoy it
Nice, kinda cringe seeing this here, but nice
Nice! :)
very cool shit ;)
you lost me a little😅
I’ll pay u 1000$ if u can code me a program that force ops on a Minecraft server lol
12th comment
first
32nd
third
lmao, who tf even uses desktop shortcutes when you can just WindowsKey search every program? Or just pin it to the taskbar LOL
ur channels dying :(
@@lumikarhuhuh really? isn't John supposed to be a well respected member of the ethical hacking community? or at lest on youtube?
october to end of december is always pretty busy for anyone in cs field. the man can take a break i think. 😂 "cHaNnEl DyInG" naw man thats not gonna happen
What is the other content creator@@lumikarhu
Talking much and actually doing less 😂
U can talk about a userland rootkit named r77 rootkit in windows,it is fileless rootkit
Hello guys I went to support me l. Software open , file type "pksz "