How to Hide Payloads & Backdoor Inside Images

ExifTool: Hide Payloads Inside Images

In this blog, we will explore various methods to hide a payload inside an image. For that, we will use ExifTool, which is pre-installed in Kali Linux. ExifTool has several features, for example hiding a payload and extracting metadata, and it gives us the easiest way to extract the metadata inside images. It is a free and open-source tool developed by Phil Harvey.

Table of Contents

  • Introduction to ExifTool
  • Installation
  • Hide Payloads & Backdoor inside image

Introduction to ExifTool

As mentioned earlier, the purpose of ExifTool is to read, write and manipulate the metadata of an image. Suppose that, while solving a CTF challenge, we see that port 80 is open on the target system. Without wasting time, we start scraping the web server and, after some hard work, we find an image on the target system that may hide an essential secret. We don't know how to extract metadata from inside an image, so this is where we apply ExifTool.

Installation

Installing ExifTool is easy in Kali Linux; on other operating systems the process could be different. To install ExifTool in Kali Linux, we need to run the following commands.

  • apt-get install exiftool
  • apt-get install libimage-exiftool-perl

To get more information about ExifTool, you should read the manual page.

  • man exiftool | more

Hide Payloads & Backdoor inside image

There are two files inside the ExifTool folder:

  1. pentestblog.png
  2. shell.php

We will extract the entire metadata of the pentestblog.png image with the help of ExifTool. Sometimes during a CTF challenge, passwords are stored inside an image. To read the metadata, we execute the command below.

  • exiftool pentestblog.png | more

We have designed a payload inside the “shell.php” file that opens the door for code execution on a web server so that attackers can easily access your system.

Now we will hide the payload inside the “pentestblog.png” image. The payload is the “shell.php” file we have already mentioned. To hide this type of payload, run the command below.

  • exiftool "-comment<=shell.php" pentestblog.png

We were able to hide the payload inside the image, which the following command confirms. I hope you liked this blog.

  • strings pentestblog.png | grep system

Again, we will extract the entire metadata of the pentestblog.png image with the help of ExifTool. Now you can see that our payload has been attached to the Comment field.

  • exiftool pentestblog.png
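
The defender's counterpart to the steps above, as an added example that is not part of the original post: a Python check that walks a PNG's text chunks (tEXt, zTXt and iTXt, where PNG stores textual metadata such as a comment), flags code markers, and rebuilds the file without those chunks. The function names, the marker list and the sample image are constructed for illustration; compressed iTXt text is not decoded here.

```python
import struct
import zlib

PNG_SIG = b"\x89PNG\r\n\x1a\n"
TEXT_CHUNKS = {b"tEXt", b"zTXt", b"iTXt"}
MARKERS = (b"<?php", b"<?=", b"system(", b"eval(")  # hypothetical list, tune it

def iter_chunks(data):
    """Yield (type, body) for every chunk of a PNG byte string, up to IEND."""
    if not data.startswith(PNG_SIG):
        raise ValueError("not a PNG file")
    pos = len(PNG_SIG)
    while pos + 12 <= len(data):
        length, ctype = struct.unpack(">I4s", data[pos:pos + 8])
        body = data[pos + 8:pos + 8 + length]
        if len(body) != length:
            raise ValueError("truncated chunk")
        yield ctype, body
        if ctype == b"IEND":
            break
        pos += 12 + length  # length + type + body + CRC

def make_chunk(ctype, body):
    """Serialize one chunk with a freshly computed CRC."""
    return struct.pack(">I", len(body)) + ctype + body + struct.pack(">I", zlib.crc32(ctype + body))

def scan_png(data):
    """Return [(keyword, [markers])] for text chunks that contain code markers."""
    findings = []
    for ctype, body in iter_chunks(data):
        if ctype not in TEXT_CHUNKS:
            continue
        keyword, _, text = body.partition(b"\x00")
        if ctype == b"zTXt":  # one compression-method byte, then a zlib stream
            text = zlib.decompress(text[1:])
        hits = [m.decode() for m in MARKERS if m in text.lower()]
        if hits:
            findings.append((keyword.decode("latin-1"), hits))
    return findings

def strip_text_chunks(data):
    """Rebuild the PNG without any textual metadata chunks."""
    kept = (make_chunk(t, b) for t, b in iter_chunks(data) if t not in TEXT_CHUNKS)
    return PNG_SIG + b"".join(kept)

# Constructed sample: 1x1 grayscale PNG with an inert placeholder in its Comment.
SAMPLE = PNG_SIG + b"".join([
    make_chunk(b"IHDR", struct.pack(">IIBBBBB", 1, 1, 8, 0, 0, 0, 0)),
    make_chunk(b"tEXt", b"Comment\x00<?php system('placeholder'); ?>"),
    make_chunk(b"IDAT", zlib.compress(b"\x00\x00")), make_chunk(b"IEND", b""),
])
```

Because `iter_chunks` stops at IEND, `strip_text_chunks` also drops any bytes appended after the end of the image. Run a check like this on uploads before they are stored, and serve the upload directory as static files only, so that a comment which slips through is never interpreted as code.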

The post How to Hide Payloads & Backdoor Inside Images appeared first on Pentestblog.