Hackers Are Waiting For You to Open This Image
Рет қаралды 176,579
Күн бұрынThis video will show you how hackers can control your device using a trojan via discord!
🔴 Get $100 FREE credit on Linode to create your own cloud server (Valid for 60 days)👇
www.linode.com/zsecurity
------------------------------------------------------------------------------------
Maythom personal KZbin channel: / @maythom
Patreon: / maythom
Instagram: / mayth0m
Twitter: / mayth0m
zSecurity Company - zsecurity.com/
Community - zsecurity.org/
zSecurity social media here ##
zSecurity Company - zsecurity.com/
Community - zsecurity.org/
Facebook - / zsecurity-145325078145...
Twitter - / _zsecurity_
Instagram - / zsecurity_org
Linkedin - / zsecurity-org
TikTok - / zsecurity_org
-------------------------------------------------------------------------------------
Resources:
Icon convert website: icoconvert.com/
Github Tool: moom825/Discord-RAT-2.0
WinRar: www.win-rar.com/download.html
------------------------------------------------------------------------------------
Timestamps:
0:00 - Intro
00:45 - Thanks to Linode!
01:33 - Installing the tool
02:35 - Clarification
03:29 - Creating a Discord Bot
04:32 - Creating a Discord Server
05:28 - Building the backdoor
07:55 - Building the trojan
10:50 - Trojan in Action!
13:56 - Securing Yourself from this
15:06 - Thank you!
-------------------------------------------------------------------------------------
⚠️ Please be advised that this video is made for educational security purposes only. Also note that you shouldn't test on devices that you don't have permissions to test. We always have the permissions granted to test the accounts/devices used on this channel.
I hereby affirm that the devices employed in this video are under my exclusive ownership, and the primary purpose of this content is strictly educational. It is of great importance to emphasize that this video does not, in any way, endorse or encourage any unethical activities.⚠️
@mrdirect4053 2 ай бұрын
The LEGENDARY line "For educational purposes only"....💀😎🥃
@rakiburshuvo09 2 ай бұрын
and we use it to spy unknown by saying educational purposes only 💀💀
@opinysamuelleo3457 Ай бұрын
@@rakiburshuvo09 of course they will tell you to the main purposes, but we must agree that is really cool.
@walakiraismail3907 Ай бұрын
Very legendary
@Cheez_and_crackers Ай бұрын
How to negate all liability
@Noone-ml1me Ай бұрын
People who did not heard the epik line: "oh yeahhhh baby its hecking time "
@sasTRproabi Ай бұрын
I was scanning the image files with my antivirus and my friend was laughing, now I am gonna send him that video :D
@hollycow8171 Ай бұрын
only jpg can hold data. not other extension.
@jasp402 Ай бұрын
I'm afraid it won't detect it anyway. Until you double click it is a compressed file.
@dangerous_tumor3 23 күн бұрын
just turn on show file extensions
@officialabandonedcrack Ай бұрын
How to identify: if you don't have file extensions enabled, do not open ones that appear with an extension, also scrs and com files are basically executable but com is old.
@Naxxami 21 күн бұрын
The file type whould be show as Application
@gtr8741 Ай бұрын
When they say "educational purposes only" you know they ain't gon bs around 💯🔥
@mythbasters3119 2 ай бұрын
I love Z security for this reason . Their video is well explained and organized and so easy to understand the process ❤
@flash_gang 2 ай бұрын
This is cool but nobody would actually fall for this because windows will have that pop up saying that it’s an untrusted executable
@eyezikandexploits 2 ай бұрын
Man youd be surprised, someone young would and with social engineering too its game over. SWIM used to go into minecraft servers have a friend who (didnt know me) but would "downlod" my rat and vouch for it to have worked(some minecraft mod or a hack for it, even went as far as to make them in java) and thats all itd take for people to be trucked
@sysk3y-prod771 2 ай бұрын
Simple fix… obfuscation
@flash_gang 2 ай бұрын
@@sysk3y-prod771How would obfuscation fix that? It would still give you a popup before it runs telling you its an executable not an image.
@giftmoyo9957 2 ай бұрын
I got hack with this same trick three days ago it made me erase all data from my PC. Thank God I realised quickly that I was being hacked otherwise the attacker could have gone with my credentials. The attacker embedded the code in unsuspicious link under a video tutorial which I clicked and that was all it disabled everything on my computer.
@flash_gang 2 ай бұрын
@@sysk3y-prod771I thought I had responded to this, I think my other comment got auto flagged for some reason. Obfuscation would not fix the issue of a gui popping up before you run the executable that tells you its an executable not an image.
@NikolaTomic 2 ай бұрын
Will it execute if I right-click on file to go to properties but I already have XNView MP with shell extension to show me image preview in explorer?
@keto4life197 Ай бұрын
With a keygen so You got all the virus You need
@donjohnson6063 27 күн бұрын
I love these , I like to open the exe in ida pro get the token and take control over the bot/ channel it is. Noticing people use either discord or telegrams as a command and control center , the biggest mistake is hard coding api or keys in the exe
@Klebedose95 Ай бұрын
I always look for the extension to be not ".exe" ... but the reverse character is new to me. So now I'll always also pay attention to filenames like "[filename] exe. [fileending]" So this would also work if you send .pdf files to other people...
@OGmolton1 Ай бұрын
its scary how insecure windows is, thanks for sharing
@menreikichan8291 28 күн бұрын
Won’t this be detected by windows defender?
@timmmm5012 26 күн бұрын
@@menreikichan8291it should be but sometimes people turn it off for some reason
@softwaremkxvii 26 күн бұрын
@@menreikichan8291not allways
@kaveeshathilakarathna8063 23 күн бұрын
@@menreikichan8291 yes this will detect by windows defender that is why we should not disable windows defender in any case.
@Viylne 19 күн бұрын
Not insecure man if you know how to handle the OS. differently people with less knowledge with system will use computer just like gaming or working. but I am experiencing about OS and a bit more about coding. so I have a programs and some Un official tweaks for my windows. so my system so far so good and virus always detected even the services virus background 😁
@hithammelhem2656 Ай бұрын
thank you as a user how to identify such manipulated image
@Compute_and_Hack 2 ай бұрын
Wow! This has been insightful to me about the trojan. Thanks a lot lot more, very thankful sir... Any way i have a question, will the victim PC always be connected to the server immediately when the victim is connected to the internet, or it will require the user to open the trojan file.
@mebolaw2322 17 күн бұрын
Any ideas/comments on the above question?
@technicalmaster-mind Ай бұрын
Thank you
@user-mq4lc2bs1b 2 ай бұрын
super i like it thanks for the valuable information.
@SuperNickid Ай бұрын
@zSecurity: What about emulator does are application.exe but the majority of them are not virus and the reason they are is to make sure the game work when you used the emulation since you need executable file to run the game.
@Gaming_Squad485 20 күн бұрын
im using clinet built and it keeps telling me windows cant fijd this it opens the image but dosent make it execute
@IamLookingforWoody_________786 Ай бұрын
Thanks for guiding us for using VMware machine before practicing this work.
@hollycow8171 Ай бұрын
how old are you tbh. 😮
@robinsonpk5867 28 күн бұрын
Its not working right now , fixed by discord. Right?
@cstyt5443 22 күн бұрын
@@robinsonpk5867is it working now
@gamingassassin6736 Ай бұрын
if you have window defender on will it still download and execute?
@tentimesful Ай бұрын
if an image is hacker thing and your image opener makes them hack you get rid of it as a image program reads out the image colors at their positions and voila no hacking on to you, and this goes also for your videos,,,
@gokulmahesh5757 Ай бұрын
brilliant steganography technique
@Tsu1. Ай бұрын
when someone opens it i can only do 2 commands before it just stops working can i have help?
@Muziek37414 2 ай бұрын
Instead of turning off windows defender, you could add a exclusive folder or zone where the AV Wil not scan. I know some infostealers use this method
@Compute_and_Hack 2 ай бұрын
do you mean the victims PC defender must be turned off so that the connection can pass?
@Muziek37414 2 ай бұрын
@@Compute_and_Hack no defender can still be on and active. If you add an exclution zone you can run code without it being scanned by defender and I think even amsi
@Compute_and_Hack 2 ай бұрын
@@Muziek37414 Thanks
@similiciousprogrammer1109 Ай бұрын
I want to target android Is it same for android ?
@robertsteve5175 Ай бұрын
@@Muziek37414 how please
@COMMENTBOX788 2 ай бұрын
Many youtubers says it's an educational vdieo but it's educating and updating an hacker for more features 😂😂 like here if you like it😂😂
@sarowarhosen003 2 ай бұрын
if your know you know
@stephenluttrell8958 2 ай бұрын
This little trick has been around for years. It’s not teaching anyone anything new and there are plenty of ways to defend it. But that sword swings both ways. It may teach some new hackers something, but it also teaches everyone else what to look out for.
@Gaming_And_Creativity Ай бұрын
Once the hack is done, I have the information about the victim machine so now my question is will the firewall be closed on the victim machine or is there nothing to do with it...?
@ComposewithAi 2 ай бұрын
Will it work if I have firewall to block new connection
@spinnerlive Ай бұрын
Bro it took me few seconds to realize that it’s you. Looking great in beard.
@dev.lani29 Ай бұрын
Will Anti Virus on windows PC detect the backdoor when the user try to download and view it?
@TrippyMango 2 ай бұрын
It might work until you have file extensions enabled or download it from a internet browser, there it will say "image.jpg.exe"
@frezerfiseha1553 2 ай бұрын
It's been ages men😢
@painandsuffer Ай бұрын
For one trillion years I've been trapped in my own decaying dimension, waiting for a new universe to call my own.
@attageledek6836 18 күн бұрын
This technique is actually very old, I knew about it in the 2000s, but before that no one discussed this matter
@AbubakerMahmoudshangab Ай бұрын
Perfect zsecurity guys
@avx0966 2 ай бұрын
Form to input guild Id and server id is not opening
@Muziek37414 2 ай бұрын
Maybe show to add some persistence? With powershell add on startup
@similiciousprogrammer1109 Ай бұрын
I want to target android Is it same for android ?
@sgct89 Ай бұрын
Please ask them to keep waiting? I have dial up and it said I've got 8 months left until the image is completely downloaded!
@endremurti Ай бұрын
Any idea for android target setup?
@LeftoverAtoms Ай бұрын
Why aren't file extensions enabled by default? It just makes sense...
@blackanonymous Ай бұрын
yoooo thanks so much
@barskarakas4927 15 күн бұрын
new fear unlocked Amazing video thanks a lot
@virtualheadless4764 2 ай бұрын
Hey what happen if user is offline and then open the file and deleted in offline mode by finding nothing on file Can still we have access
@shadowsalah1484 2 ай бұрын
the backdoor wouldn't be activated at that moment since the file couldn't establish a connection to the attacker's server or execute any malicious code while offline.but once the friend goes back online, if the backdoored image contains executable code or a script that initiates a connection to the attacker's server, the backdoor could potentially execute its malicious payload.
@craigdaniels1492 Ай бұрын
Won't Windows defender catch this if they click on the image??
@uniqueinsanvlog 2 ай бұрын
It's work on mobile as well??
@Blackify_live 2 ай бұрын
Thank you for your precious time and knowledge. ❤
@cyberguardsolutionsservices 2 ай бұрын
Please the renaming can you edit later and modify the exe in the file name?. Thank
@user-zi5hp3ih7j 2 ай бұрын
during my intern i was victim on this , the usb is encrypted
@Kulenn 9 күн бұрын
When i click '' build " it says Unhandaled exeption occurred in your app. Can anyone help?
@zamal7611 2 ай бұрын
yeah, it's working but windows firewall detected (can u make video for win firewall to avoid malware in image)
@RotatingLocomotive 16 күн бұрын
The fact that the name of these malicious files always end with "exe" can be helpful to spot them
@user-dk7os6hp4z 10 күн бұрын
Ty
@RotatingLocomotive 10 күн бұрын
@@user-dk7os6hp4z You're welcome bro
@memz4519 23 күн бұрын
This worked soo much on my school project i got A+ thanks
@bilal_404 7 күн бұрын
does it work on smartphones also?
@trippythegoat9438 Ай бұрын
I tried this but when i tried to change the name and the picture it came with the same error ''ATR not found''
@mihaelkYeah Ай бұрын
This hugely complex security exploit can be easily avoided in any operating system if you just DON'T HIDE EXTENSIONS FOR KNOWN FILE TYPES
@stanislavsmetanin1307 2 ай бұрын
Wait!! After the user opening you should close the picture, not going to discord, as user will not stare at the BMW forever. :)
@-zarex-6847 Ай бұрын
can u only Control if the picture is open? then Its useless lol
@chattf 23 күн бұрын
@@-zarex-6847 u can control even when they close it bc the rat is hidden some where else not in the photo
@-zarex-6847 20 күн бұрын
@@chattf is that possible on mobile too, like whne u install apk? I never openes photos on mobile but with anything else like the base Game apk is actually this Virus?
@chattf 11 күн бұрын
@@-zarex-6847 no clue
@Fevirre 28 күн бұрын
What's funny if you scan the virus on triage, it can log the bot's token the attacker is using and it can be used to login with a discord bot client and screw up their current operation Basically sending a good dose of karma to the attacker
@sangepuvinod3333 17 күн бұрын
Is this executable is detected by Av??
@user-bv6ms6ww6b 25 күн бұрын
Work on phone?
@BM-wl2sn Ай бұрын
Type of file WEBP (.webp) what this?
@ENROUTERV3 Ай бұрын
Know the difference between steganography and evasion
@user-kz2sz6bi7b 2 ай бұрын
best Sir, but can u tell me how can we build in pdf file for android, kindly make a video for android and uplaod on channel, please
@chudchadanstud Ай бұрын
Downloading a tool that will do all the work is kinda pointless. I thought you where gonna go through the theory.
@nightwing09x 2 ай бұрын
Taking your course on udemy, thanks!
@easylearning4474 2 ай бұрын
can you give it to me for free?
@allyouneed4775 2 ай бұрын
Sir where is your channel can you please give me the link of your channel
@Celeste_Eira672 2 ай бұрын
in my pocket
@kingsmith3352 Ай бұрын
Still showing my icon only not my executable file😢😢 y pls someone should answer me😢
@DeeperSoul 9 күн бұрын
Many softwares like Telegram has auto download what I hate cause so many strangers/scammers messaging you with image messages. You have to disable downloads settings after setup or every installation but for the safety that settings must be disabled as default!
@Oracule-bh5vy 2 ай бұрын
injected PIC, its new for you?
@wawaweewa9159 16 күн бұрын
So why is a file allowed to be listed as jpeg if its an app?
@owASTA Ай бұрын
i think the cons are the space of the file , it can be spotted
@Shervan96 23 күн бұрын
Please explain How to drive by download a malware virus and how to upload it for a phone can download it
@ReligionAndMaterialismDebunked 2 ай бұрын
Been a while since y'all posted. Shalom. Hehe. :3
@Banjara.official Ай бұрын
is it also work in androaid mobile?
@abdbout 2 ай бұрын
hi ser is it working on phones
@Conecte_Aqui 2 ай бұрын
How are you managing to keep your KZbin channel covering hacker issues? I had a channel with several hacker-related topics and KZbin, after I had 200 videos, deleted my channel. How can you keep the videos?
@user-pv6mx4wi5x 2 ай бұрын
You forgot to add for educational purposes 😂
@Conecte_Aqui 2 ай бұрын
@@user-pv6mx4wi5x I put it in the video description that it was for educational purposes and even then it didn't allow it until a warning at the beginning of the video
@FurqanHun 2 ай бұрын
You're not supposed to show everything in video, you shouldn't be showing malicious code on the screen and there shouldn't be a real victim 🚶 there's a grey area in the education section and it's pretty easy to cross over it 🚶 btw you can still send a takeout request to google for that channel even if it's terminated and you'll get permission to download your videos
@archerthepitbull883 Ай бұрын
Hii bro can u teach me how to start hacking...
@Doomslayer151 25 күн бұрын
Special thanks to do Discord , Github , MS-Windows Charmap for supports DIY malware(not really)
@hollycow8171 Ай бұрын
any other way other than discord?
@kingsmith3352 Ай бұрын
Mine is still showing the .ico extension y😢😢
@hollycow8171 Ай бұрын
We did this in 2006 😜 Easy to track keystrokes, screenshots, and more.
@kobeJanssen_officieel Ай бұрын
after 10 min my discord bot is offline how can i fix it?
@mekithuat9832 Ай бұрын
I can't use any commands like !help. Help me please
@Sp1ritYT735 25 күн бұрын
When i open up the script with the foto its says windows cannot find backdoor.exe make sure you typed the name correctly And then try again
@InduwaraPerera_YT 13 күн бұрын
you have to add the correct name of the exe file created with builder app or rename that to backdoor.exe. when u creating zip file use the correct name of it not the name in the video.
@InduwaraPerera_YT 13 күн бұрын
btw i tried the whole steps correctly unfortunately it says this app dosent support on my pc and i don't have any other device to test it😒, please let me know if it works for u.
@ENROUTERV3 Ай бұрын
Yo this linode can people name 5 users who use it?
@PatrickCreations 20 күн бұрын
My brother is going to have some troubble finding this one 😂
@Nochymusic 2 ай бұрын
Teach how to embed a RAT(apk)into am image
@WARSMP-pb1ku Ай бұрын
BROTHER CAN YOU TELL ME HOW I CAN MAKE THAT LIKE DISCORD IF ANYONE DOWNLOAD DISCORD IT AUTO GOES ON STARTUP HOW I CAN SETIT UP WITH THIS SO THIS Exe is opened one time and then it set up to startup
@kakissakis1997i 21 күн бұрын
Win+R shell:startup put the shortcut there to open everytime you start your computer, Maybe you should also give some admin access to your shortcut!
@avx0966 2 ай бұрын
Its builder.exe , its it dade to download?? I download but ehen i double click on builder . Form doesn't pop up for seriver id ,guild id etc
@jageshnaidoo5588 Ай бұрын
What is the useful app to avoid hackers?
@DiverseInBits 5 күн бұрын
Ah yes. The ultimate excuse. “For educational purposes only”
@gurjitsingh-hj8br 19 күн бұрын
Sir how te create Android apps...
@lancemarchetti8673 Ай бұрын
Just embed the reversed Base64 of your payload after the 2nd byte in any jpg file. Image parsers will ignore it as Metadata. And your image won't look suspicious. No need for exe renaming tricks.
@Hello-eg8er Ай бұрын
How does this work?
@afjelidfjssaf 23 күн бұрын
@@Hello-eg8er i think he means instead of storing the payload inside the exe, just have the code in the exe read the images metadata and parse it
@mmtaqi8448 3 күн бұрын
how you can bypass the windows defender or antivirus when the user click on it ?
@afjelidfjssaf 3 күн бұрын
@@mmtaqi8448 you can't. All files automatically get mark of the web (except ISOs and such)
@bostm8687 Ай бұрын
But how can you sent this file. I mean all programs as discord, email… recognize that that is a virus a blocks it?
@technicalmaster-mind Ай бұрын
You'll send zip file with password
@kolawoleoyedokun7250 2 ай бұрын
🎉. This is cool. But, how do we bypass windows defender and antivirus being installed on windows target
@lolononojay9010 2 ай бұрын
Use a crypter
@fifidurand7421 2 ай бұрын
@@lolononojay9010 and where can i find good crypter??
@jainayrogeorge2924 2 ай бұрын
@@lolononojay9010any free recommendations???
@winwininnovation8528 2 ай бұрын
can you please suggest one or share with me one@@lolononojay9010
@KDR911KO Ай бұрын
Well that can be resolved by extraction the file and kill the virus service
@oishorjoanwarnakshatra 17 күн бұрын
Please someone tell if it can be done to android device 🙏🙏🙏🙏
@defarmer2020 2 ай бұрын
i get an error message saying windows cannot find backdoor.exe. how can i fixed this?
@moneyman6227 2 ай бұрын
most likey virus protection make sure to turn off and make exclusion after its made
@waiphyoaung1107 2 ай бұрын
Can kill windows security for this image?
@ondxbline 2 ай бұрын
I tested it on my own pc but without virtual box. Since I opened the file, will it have some background processes on my own computer and if so, how can I remove it?
@qwerte6948 Ай бұрын
task manager
@DirkArnez Ай бұрын
.exe is too beginner that i automatically ignore when i enable extension in Windows Explorer. I prefer to have virus in an image file that i cannot complain
@sus-rh6tw 27 күн бұрын
me with image extensions turned on:
@darekaryankvs 18 күн бұрын
please make it for mac os also
@didyouknowamazingfacts2790 Ай бұрын
I'm pretty sure most email providers will pick this up as malicious.
@bhavyanegi6602 Ай бұрын
Yea easily, you need to learn by-passing AV and reverse engineering to make it undetectable.
@ProfChemeng3 2 ай бұрын
Ill try this on you😂