very *Educational Purposes

you do realize computer hacking is very illegal

have how send the code of the weehook.exe

​@@The_Wafool "hacking" is not the same as "stealing people's data and damaging property". So no, hacking is not illegal. What is illegal is using means of hacking to commit actual crimes like stealing, harassing, damaging property, etc. In the same way that teaching people how to pick locks is not illegal either. Though, in many situations, people may state that "hacking" IS "stealing data" as an over simplification of the word. This over simplification causes confusion and makes people think that Hacking is (and can only be) the act of breaking security for the purpose of stealing (and other crimes), but you can hack without causing damage to anyone. Hacking is simply the act of bypassing of security measures, or breaking some other system to gain access or priveledges. But if you have been given permission by the right people to have such access or priveledges, then it's not illegal. And spreading awareness of computer security flaws, like how @ebolaman_ has done here, helps everyone to know how to protect themselves against these exploits. If this was not shown here, it will still be shown in other places where actual criminals hang out. Showing these security flaws can even lead to an eventual patch of the flaws. So keeping this information secret can be more dangerous to everyone.

​@@The_Wafoolno way, its very much legal man what are you talking about?

I guess it is the same for nudity counting as art.

​@@F1L337t w i t c h

Not really, he showed us how is it made so now we're aware how to be careful in case of sus file

it is educational init

I have soo many *educational purpose* ideas!!!🤣🤣

But I think the extension in the properties menu would still be the right one

@@Yazan_Majdalawiit will, but who looks at that In fact many scammers will just name it "pic.png.scr" and hope that the victim has the "hide known file extensions" option enabled, because it's still the default on Windows lmao

@@Archimedes.5000man.. Windows. I'd be on Linux still if devs supported their stuff on it more

He hasnt done anything illegal.

Y can hide virus by this method ​@@MAGNETO-i1i

It's not like he is going to distribute any zero day exploit through youtube video.

​@@MAGNETO-i1iyeah, nothing legal. It's like watching hentai knowing all characters are over 18

this is old one, if you do this, even Window Defender can catch this, it automatically consider the file as a trojan even when it's not harmful (test file)

​@@catorlife can confirm, it's been like this for a while now

The name will go back to it's original form once you upload it somewhere, so not useful even if the target has no antivirus

there are file managers that separate extension from rest of name like double commander

Wow even as a CS student ? Xdd

thatts his whole channel

lol

@niikolehmainen Real.

@koolehmainen sure but I'm on Linux so idk if it'll work the same

It's useful to know how they work. You can learn some interesting code too, help to defend people against malware and learn how to remove the persistent back doors. Just don't get hit by a crypto locker.

True but you're sending it to someone else anyways

Wtf .scr is 'script' not 'screenshare'

@@андрей_свиридов it's Screensaver

@@андрей_свиридовeveryone is wrong it’s screen saver😂

@@Meletion1 yeah, that too. I have bubbles.scr installed as my Win11 screensaver :)

Could you tell that how do you switch to a custom system pack and disable thumbnails

​@@Cryptocurrency69 ask Google

@@Cryptocurrency69 Both answers depend on your operating system. You'll have to ask mama Google.

Doesn't help if you're a high value target, the real trick is to know Windows screensavers are autoran executables, and to check the file type. Or use Unix because NT has one of the most comprehensive filesystem permission systems ever that doesn't have execute as an attribute.

You can also just have file extensions visible by default. But the more steps you take, the safer you'll be. The scary part is that these changes only help you if you know what you're looking for. Imagine the normal user...

I was tryna find this for so long and this was here the whole time????

frr

The question is whether windows defender detects it as malicious? Or does it depends upton the the exe that is being executed.

Shit I was doing 25 years ago

@@xodzphone I was doing it 50 years ago

:)))))))))))))))))

Is Windows Defender included in "most AV's"?

​@@phir9255probably yeah wd is the most annoying av because it just does to much I don't have it because it even blocks my work

@@phir9255windows defender is an AV (anti-virus software) preloaded with the windows OS

​@@phir9255likely

@@phir9255 considering windows defender is default installed on all windows operating system, then yes it would be considered part of “Most AV’s”

What about Arabs and Asians, millions would be pissed about having to type their filenames in reverse

you can check the file extension and size when downloading files

both

Have you watched the entire video? because it can look like a png or whatever file and still run as a cmd. @@kamimatsuyama

the RLO method doesn't work after uploading a file to 99.9% of file hosts online. you shouldn't be scared. if you're skeptical, you can always just right click and check the properties

Wasn't there an exploit that basically did that?

They just send the embed from a other device once they click the image it’s all a scam

@@pinguluk1 no that’s not possible because of how discord works. When you send an image, discord harvests that information and displays the image, more or less like a middleman, in other words it’s literally just an image, you can’t hide executables in it.

thats why you only look at the embed

@@pinguluk1 yeah there somewhat was. for others in the replies: .WebP (note; webp wasn't the only thing that was exploited nor was it only discord related but its the one with most information.)

So ANY image on discord could be laced like this??? Wtf how do you even stay safe from this? Idk how to work linux

​@@infectieonUploaded images with machine code execution will get rejected because they're not REALLY images; The headers and offsets are wildly different and be considered corrupt or invalid. You only need to worry about fake 'images' stored directly on your file system, and make sure not to run them.

Also the reversed text trick used to spoof the file format works only on explorer and a gew other programs, in the most of apps this trick won't work and the original file format will be shown

"linux is free if your time is worthless" proceeds to get hacked by an image

​@@CluelessGeekthis was the cause by my change to dual boot windows/linux to just linux 😅

So have u been bleto tech virus to Gmail ?

I'll give a huge reward to anyone who can make it

@@guili-p7m i was able to do it. so what u gonna give me?

Yeah this isn't actually a danger to anyone. The only reason windows isn't freaking out about the file is because it was made on his computer. If you were to upload that to the Internet and try running it on another computer it'd get instantly sent to the shadow realm by even the worst of anti viruses

@@ILoveTinfoilHats I tried making my own, and Windows Defender successfully stopped it from executing. Maybe the video uploader disabled Defender for the sake of the demonstration?

@@Lar_me yes exactly my point, even the crappiest of antivirus programs would catch this low-level bug

I am taking Cybersecurity as a trade, this is educational to me. :D

how come? I learnt that Win is still a mess in these days.

? It doesnt have to have an educational use, he's educating on a subject, which makes the video educational. Whether that be if you were educated on how to infect other peoples machines or to better protect against having your own machine infected, this video was by definition educational as it taught something

@@Noahitis that comment was from 5 months ago...

@@MiguelWilson0 people comment on my stuff from 6 years ago, it doesn't change the validity of what I just said

Old person.

I wasn't even born yet lmao. You're awesome 😎💯

Yes thats what i says its too old 😂😂

Same here

Same here

the RLO method doesn't work after uploading a file to 99.9% of file hosts online. you shouldn't be scared. if you're skeptical, you can always just right click and check the properties

don't download anything

Its depends. If has a malwer blocks it if dont it not

I'll give a huge reward to anyone who can make it

.lnk is the shortcut extension

i’m literally a professional skid

@@ebolaman_ lol, why not progress deeper tho?

@@htgg9006 what makes you think he hasnt

the only thing skid here is the skidmarks in ur underwear bro

@@beamsandshits your channel is literally roblox exploits, why you bein a kid instead of doing real sh*t? No need to get mad but if you're into cyber do it all the way and not like a clown

github.com/EbolaMan-YT/Multi-Tool

@@ebolaman_ thank you good person!!

Ngl downloading a file from this guy is the last thing I would do

alr

thanks alot first time a youtuber actually responds to their viewer good job@@ebolaman_

i mean its already simplified enough its not that hard to follow

for me it is@@pyro4888

right click>insert unicode character

@@ebolaman_ he wants to know how youre able to see that unicode thing

@@Dino-zg2vx when youre renaming the file just right click on the file name and it should give you those options. he literally told you to pay attention

@@Dino-zg2vx it's just built into windows

“Ramson”

idk abt roblox stubs but yeah it only works w discord if u zip it

@@ebolaman_ damn, are there any stubs you'd recommend

@@phsycdelicjs learn c stop being a skid >w

​​@@omggggggggg-jkyssmalware in C is very annoying to make

@@phsycdelicwhy u wanna beam so bad😂😂😂

doesnt save you buddy

Discord bot

it sends post request to an url

You will have to go into the registry to show the file extension but since the file extension for a shortcut is .lnk, it would seem really suspicious

Don't pretend that linux doesn't have a shit ton of other vulnerabilities. And I'm not even talking about how painful it is to use

@@Bo0mber "painful to use" clearly you havent used windows with it's painful constant crashes & all around instability "vulnerabilities" true, however let's not pretend windows doesnt have the same ones + a bunch of phishing ones - this video essentially describes a text-rendering bug allowing you to perform a phishing attack, something that i would like to see happen on linux tricking users into opening an "image" is way easier than any phishing attack that relies on literally anything on a modern, up-to-date linux system ever will be also, since we're now comparing actual vulnerabilities, i can still load genshin's kernel mode driver for free kernelspace privilege escalation on a system which never had genshin installed - it's still trusted by windows :) microsoft doesn't give too much of a fuck about fixing legitimate vulnerabilities, linux kernel & other critical-inifra developers usually do.

to clarify: the text-rendering bug is only a bug due to it's possible use-cases; I get the use for an RLO, it's just considered a bug due to it being abusable in this specific context.

@@HeyVSauce saying I haven't used windows is so ridiculous I don't think you believe it either. As far as stability goes, from my quite limited experience with ubuntu, I can say it is way less stable and usually when you try to make something work in linux it takes several hours of recearch, whereas in windows it just works right away. I also don't remember the last time I've seen something crash, maybe it is because my computer isn't 20 years old? As for vulnerabilities, I'm not arguing about how many there are in each os, I'm just saying it's quite dumb to pick an os based on this factor when "preffered" os isn't even free from them

​@@Bo0mber ubuntu is maintained by canonical, a company not known for anything except being idiotic amongst the linux community. when I run windows for testing shit, I'm running on like 2-3 year old hardware, and the amount of random crashes I get when doing the simplest of things is insane - sure, it won't just crash when opening notepad, but it is a very unstable operating system. even just the APIs it provides to usermode applications cannot stay stable for 0.3ms

the code that sends the message to the webhook is an placeholder for a token logger

C# ? C++ ? Python ?

c#@@KyuDoesCode

Look for it on google

hahahah really? main point you donkey, have a good xmas tho and stay safe

no shit sherlock

nppp

www.patreon.com/EbolaMan

are you dumb...