i BACKDOORED a Desktop Shortcut (to run malware)
Рет қаралды 78,026
6 ай бұрынjh.live/pwyc || Jump into Pay What You Can training at whatever cost makes sense for you! jh.live/pwyc
Free Cybersecurity Education and Ethical Hacking
🔥KZbin ALGORITHM ➡ Like, Comment, & Subscribe!
🙏SUPPORT THE CHANNEL ➡ jh.live/patreon
🤝 SPONSOR THE CHANNEL ➡ jh.live/sponsor
🌎FOLLOW ME EVERYWHERE ➡ jh.live/discord ↔ jh.live/twitter ↔ jh.live/linkedin ↔ jh.live/instagram ↔ jh.live/tiktok
💥 SEND ME MALWARE ➡ jh.live/malware
@AnthraxGg-by8zz 6 ай бұрын
I made an implant where target device connects back to c2, I was thinking of an idea to somehow make it more user-friendly for windows users, and here you provided ma lead, thanks brother!
@TwoBitSorcerer 6 ай бұрын
This video is genuinely brilliant! It's one of the things I really admire about this field: using standard stuff differently and creatively! Thanks John!
@apekatt2007 6 ай бұрын
Research LOLBAS if you liked this :)
@htxFINESSA 5 ай бұрын
Best way to get control
@ima_igo 5 ай бұрын
How to use? @@apekatt2007
@BillAnt 3 ай бұрын
Really great info even for general users who would like to spot these tricks. I always had a funny feeling about LNK files, and examined every one which I downloaded before executing.
@marcoimbellicai4419 6 ай бұрын
Very nice video! As a cybersecurity master student, i really enjoy this content. Also, i envy your hair
@ploocky 6 ай бұрын
Ive been waiting for this master piece of a video!
@darkdagger032 6 ай бұрын
Quite informative video, John. Thanks for your hard work!!!
@vivaanvivaan3920 6 ай бұрын
sir awesome stuff... please upload more videos about this kind of topic.... seriously awesome....we love you sir❤
@hakeeminfosec 6 ай бұрын
I had this doubt (can we alter this application) since I accidentally opened a software's shortcut with VS Code and got to see this whole messy binary thing, and thankfully I understand now. So thankyou for this video :)
@leapbtw 6 ай бұрын
many of your videos are mindblowing to me, but you weaponized shortcuts here !!!
@r3tr0n17 6 ай бұрын
That watch is SOOOOOOOPERRRRR.... DOPE!!
@zionstemple 6 ай бұрын
John really appreciate how you take informative information and present it simply and effectively. Love your channel.
@Dannytello 6 ай бұрын
Brilliant creativity bro😁😁
@mrmonday2000 6 ай бұрын
Windows has a MAX_PATH variable in C that is 256 bytes, therefore, anything taking in a path (even if you /c cmd) will be limited to 256 bytes
@ChrisRebik 6 ай бұрын
Love your Red Team shirt where can I buy one? I want to get that shirt! Thanks
@tinotheplayer 6 ай бұрын
really creative solution!
@MStrong95 6 ай бұрын
Are there any other interesting polyglot file format hybrids that exist? Seems like an interesting video series idea
@amateurprogrammer25 5 ай бұрын
PKZIP (.zip files) will polyglot with almost anything since they put all their header information at the end of the file rather than at the beginning. in fact pretty much all self extracting zip files that exist are extremely-easy-to-create .exe/.zip polyglots. you take a generic exe zip extractor that tries to open itself as a zip file and just concatenate whatever zip file you want.
@foadchode 6 ай бұрын
fun pranks to try in the school computer lab vol. 2
@ReligionAndMaterialismDebunked 6 ай бұрын
I was thinking about someone on KZbin comments, or in a live chat, I forgot where, who said that he/she hates people that talk with their hands. Hahahaha. Seeing you talk with your hands, like I, and many of us do, reminded me of that. I'm part Italian, and Italians are known for talking with their hands. :3 Cheers, brother! Shalom. 🤝😁
@apekatt2007 6 ай бұрын
Weird, dude
@casperes0912 6 ай бұрын
It's boring to look at someone completely motionless talk
@philto9999 3 ай бұрын
I remember doing this lnk thing to be able to play diablo 2 in windowed mode by adding a -w at the end :p
@bnk28zfp 6 ай бұрын
thank you John!
@smartnima 6 ай бұрын
Oh wow this is really cool!
@UBNA671 6 ай бұрын
guys i need to know is ai the go to for subnet solving now, like literally is it , and by the way john i hear you mentioning opening the flood gates by learning programming first ,i have books but its so theory based and im a hands on guy can you make a in depth video of your theory
@iamwitchergeraltofrivia9670 6 ай бұрын
More malware super good
@Ahmed95406 6 ай бұрын
I Enjoyed ,you are genius I love you thank you very much 🤩😍😍
@FuzzerHash 6 ай бұрын
Jhon ever with nice content
@gratisgratos 6 ай бұрын
I have been here 5 minutes since the video has been uploaded
@0oNoiseo0 6 ай бұрын
Love the out of the box thinking in an easy to follow process
@Dreams_On_the_way 6 ай бұрын
after connected with kali a windows machine, what are the commands i can run for showing data of victim machine, if i start anything that thing opens in victim machine, show how can I use victim's computer
@concepcionwilson5815 5 ай бұрын
Please help, If I try this with a .lnk file extension with the copy command I get an error saying that the system can not find the file, but if I try it with a .png or any other type file it sees it. PLEASE HELP 6 hours in!!!🤔🥴
@theonething-0312 5 ай бұрын
You are on sponsored!
@userth13539 6 ай бұрын
How would you deploy it tho? (Curious as a nontech [IT-ignorant] individual)
@MoofyYT 6 ай бұрын
post exploitation
@userth13539 6 ай бұрын
@@MoofyYT I realise that. What I was unsure about is whether it's just snooping or also tagging and backdoor -- again, being an nontech individual
@iWhacko 6 ай бұрын
@@MoofyYT or even email it in a zip file with other innocent files, and hope the person runs it
@MoofyYT 6 ай бұрын
@@iWhacko yep this. Or even as a standalone with a shortcut to a site, and lolbin download of another payload in the bg. But normally I'd just drop one in an open share of an internal.
@Ely-zf2ko 16 күн бұрын
hey what is possible I tried with hta but is there anything else which could work with lnk nice video btw
@for14556 6 ай бұрын
Very nice
@hehefer 6 ай бұрын
so if .ink extension is a doubftul file meaning can it be mwalre bro
@IverGameplays 6 ай бұрын
N O I I C E ! ! 👏👏👍🏼👍🏼
@ReligionAndMaterialismDebunked 6 ай бұрын
Early crew. :3
@gamereditor59ner22 6 ай бұрын
0:15 : Interesting....🤔
@anak_sains_yang_toxic 6 ай бұрын
Goooooooooooooooooooood 🎉
@carsonjamesiv2512 6 ай бұрын
INTERESTING!
@youth-need 6 ай бұрын
Awesome video jhon❤❤ 🇮🇳🇮🇳🇮🇳🇮🇳❤❤
@the_yugandharr 5 ай бұрын
Interesting!!!
@PSL1969 6 ай бұрын
Nice! :)
@ollyjxrvis9501 6 ай бұрын
I dont see the need for having the .lnk data in the start of the .lnk file, if we are just going to change the target anyway, why not just write a hta file, change the file extention to .lnk and do the same. Wondering if I'm missing something here
@mervstar 6 ай бұрын
To keep things at stealthy as possible and still be functional. A .lnk file will fly under the radar for most users, especially if it looks like it's for an application you have installed. A random .hta file showing up anywhere would raise a few alarm bells or at least a furrowed eyebrow or two. With a .lnk file, you can set the properties of it like icon etc. to obscure its true function even further. A .hta file that's been renamed to a .lnk file will just give an error when someone tries to run it because windows will treat it like a .lnk file.
@iWhacko 6 ай бұрын
if it's renamed to .lnk windows will treat it as a link and give you an error because it doesn't know how to interpret the data as a .lnk file. you specify how to run it using mshta.
@sendlocation8476 6 ай бұрын
What a good rat program and where to get?
@nemizy 6 ай бұрын
Wtfff genius man
@XtecherPY 6 ай бұрын
Regular Hackers: Just open this file! John: Just open google chrome
@kedirmamo7818 6 ай бұрын
It is my unfolded Thanksgiving for your restless and selflessly working for the benefit of needy users like me who founded in the edge of cliff resulting me loose up trust from someone who is presenting youtube videos help fix problems with Google betrayal to privacy, selling users data and irresponsible in stay safe to google account and passwards etc was pushing me to the new" IT and Hacking courses" inorder providing study,, knowledge and skill on how to get out of problems indepently by using my ip adress, google account network,wifi since months ago. This is one of usefully presented video out of what you have share users, especially me from the day of onsets of these problems.
@xCheddarB0b42x 6 ай бұрын
🍔
@apekatt2007 6 ай бұрын
Can it run calc.exe? Yes, it can! ❤
@MrHasooooni 6 ай бұрын
how to make every video fun and intersting ??? it is easy just be john hammond !
@eikichi9050 6 ай бұрын
excuse me Mr. Hammond, i have a question. If you have windows defender running, this lnk "malware" file can bypass it or it will be blocked when executed?
@iWhacko 6 ай бұрын
it can run, but depending on the script it might be detected. the standard metasploit payload will most likely be detected.
@f.andersen3824 5 ай бұрын
Thank you, now I see those little fellars with different eyes. 😂
@ANOTHERSHITE 5 ай бұрын
THIS IS FIXED BY NOW RIGHT?? I JUST TRIED IT AND IT DOESN'T WORK SO I'M HOPING ITS FIXED AND I'M NOT JUST FUMBLING SOMETHING
@ANOTHERSHITE 5 ай бұрын
nevermind...super bowl mode fumbles
@ani-zxk 6 ай бұрын
why not just download a backdoor or reverse shell exe file and just change the location to that?
@iWhacko 6 ай бұрын
because if an antivirus was running it would detect the virus right away when it's downloaded onto the machine. Adding non conspicuous text to a lnk might not trigger until it's executed since its just script. And if you build your script right it could deactivate the antivirus or bypass it without detection, before executing the payload.
@TopG_Crypto 6 ай бұрын
I was hacked by this same method
@anonymousking9797 6 ай бұрын
I'm first ❤😂
@eno88 6 ай бұрын
Polyglot is a pretty senseless way to call it.. conglomerate? heck, even alloy makes more sense.
@hama502 6 ай бұрын
vbscript soon deprecated
@MADhatter_AIM 6 ай бұрын
but MS just have added full blown python-support into ms-excel , gotta luv MS for adding some additional attack-vectors.
@victorwambugu1115 6 ай бұрын
I've followed the instructions to the latter and it doesn't seem to work on the reverse shell part
@FriedMonkey362 Ай бұрын
@@MADhatter_AIMdoest the python run on their servers, and only available for paying people
@user-be1hi5jb7v 6 ай бұрын
i enjoy it
@Eldoradotrueshot 6 ай бұрын
i just deleted all my shortcuts.... thanks :)
@adfreeviewer9005 6 ай бұрын
Too late , lol
@Meletion1 6 ай бұрын
8 minutes I’m in.
@alientec258 6 ай бұрын
very cool shit ;)
@bkcommando6969 6 ай бұрын
plss help me my microsoft account is hacked plss reply
@Mazurizi 6 ай бұрын
Is this pay what you can training only available in America or something? The lowest you can pay is $295 - I don’t understand why it is called pay what you can, when it isn’t pay what you can at all.
@nordgaren2358 6 ай бұрын
Did you click on the course and actually go through until you choose a payment option?
@xCheddarB0b42x 6 ай бұрын
That price is for access to their Cyber Range. You can buy the 16 hour SOC Core course for $25, but you don't get access to their infrastructure nor their labs running on there. Honestly, $295 for access to an industry leader Cyber Range is worth it.
@apekatt2007 6 ай бұрын
@@xCheddarB0b42x His point was that the slogan is misleading, not that it is expensive
@iWhacko 6 ай бұрын
im in europe, if you go through the registration process at the last option you can choose how much to pay. It used to be free, but I think they changed it to 25usd so they get less no-shows, since people who pay nothing don't lose anything by not showing up.
@nordgaren2358 6 ай бұрын
@@apekatt2007 it's not, though
@hydrogennetwork 5 ай бұрын
i made a shortcut to run a bat that would run a powershell script that would run a script embedded in a image
@SpektWez 6 ай бұрын
Creative tutorial
@elssarace3957 5 ай бұрын
Sir can you help me to get back my money i got scam
@josephseed3393 6 ай бұрын
Yooo
@HimonRoy-ns2xp 5 ай бұрын
Hi
@Blooded2023 6 ай бұрын
12th comment
@hierarki 6 ай бұрын
wtf how
@SixMaverick 5 ай бұрын
Eh
@timecop1983Two 6 ай бұрын
You should help Ukraine with your cyber skills! I learned some of my most advanced skills here
@lokeshb9025 6 ай бұрын
first
@that_guy1211 9 күн бұрын
lmao, who tf even uses desktop shortcutes when you can just WindowsKey search every program? Or just pin it to the taskbar LOL
@anounTT 6 ай бұрын
32nd
@pmcforever9686 6 ай бұрын
third
@MiuraUY 6 ай бұрын
Nice, kinda cringe seeing this here, but nice
@user-pl8dw1se6t 5 ай бұрын
you lost me a little😅
@cautious-agency8 6 ай бұрын
I’ll pay u 1000$ if u can code me a program that force ops on a Minecraft server lol
@activatewindows7415 6 ай бұрын
ur channels dying :(
@activatewindows7415 6 ай бұрын
@@lumikarhuhuh really? isn't John supposed to be a well respected member of the ethical hacking community? or at lest on youtube?
@cexeodus 6 ай бұрын
october to end of december is always pretty busy for anyone in cs field. the man can take a break i think. 😂 "cHaNnEl DyInG" naw man thats not gonna happen
@KiroKiro-ko3kb 6 ай бұрын
What is the other content creator@@lumikarhu
@jahguideadnan3784 5 ай бұрын
Talking much and actually doing less 😂
@komodiasupport2547 6 ай бұрын
U can talk about a userland rootkit named r77 rootkit in windows,it is fileless rootkit
@Shabbyy. 6 ай бұрын
Hello guys I went to support me l. Software open , file type "pksz "