How to Create Trojans Using Powershell
Рет қаралды 685,057
Күн бұрын
@mannyislam1 2 жыл бұрын
I have a master's degree in Cyber Security and I can attest that your content is better than accredited universities.
@zSecurity 2 жыл бұрын
Glad to see that you like it 👊
@ogvgamer3378 2 жыл бұрын
bro know i am 11th class i will also do masters in cyber security
@metinaktor5383 2 жыл бұрын
Give your discord for the jobs. Thx
@royalsrivastava2079 2 жыл бұрын
so should i go for masters in cyber security after my bachelors in Ai&ML ? i will appreciate your opinion!
@mannyislam1 2 жыл бұрын
@@royalsrivastava2079 artificial intelligence and machine learning falls under data science. Cyber Security is very different from Data Science. If you do go for Masters, go something related to data science. If you want to demonstrate some cyber security knowledge, certifications will help you better than college.
@wtfdoiputhere 3 жыл бұрын
lesson learned, always go to properties to check files extensions and never click links or any media from ppl you don't know ty so so much Zaid always making original and interesting videos
@luan_dragonpro9669 2 жыл бұрын
or just enable file extencions
@WhiteHat-1337 Ай бұрын
@@luan_dragonpro9669 True, I hate when systems try to simplify so much to users and end up hiding important information (file extensions, part of the URL, etc.).
@nimira43 3 жыл бұрын
The best teacher / instructor ever. I'm enrolled on all your courses and your KZbin video tutorials are fantastic. Another of my favourite instructors on Udemy is Laz Diaz; he rates you very highly, saying you're a genius. Thanks for all that you do. Massive Respect
@anuragrsimha 3 жыл бұрын
Videos by Zaid Al Quereishi sir is a gem in their own form. Flabbergastingly, the course that I had completed is entirely different from what is in the scheduled syllabus prepared by the engineering university where I am pursuing a bachelor's degree.
@donhousam 3 жыл бұрын
does this payload passing Facebook security bot +WhatsApp?
@anuragrsimha 3 жыл бұрын
@@donhousam Could you consider elaborating? Your question seems to be quite unclear, I'm afraid.
@michaelodor6788 3 жыл бұрын
There is no video I don't learn from you.. you are simply the best
@mr_crapto 3 жыл бұрын
yep i agree with you buddy
@Yoghaaa 3 жыл бұрын
Couldn't agree more
@kastakastakasta2933 3 жыл бұрын
kzbin.info/www/bejne/bZe5YpKcZc6jmbs :
@JayPatekk 3 жыл бұрын
So can somebody explain to me about what this guy does because I’m interested in this so called security defense trade but would this be under coding or just hacking
@DariNewsTv 11 ай бұрын
youre my fav youtuber rn yove teached me alot , i wish i had money to buy your courses
@ldandco 3 жыл бұрын
This is the main reason why on Windows I always set the file explorer to view the extensions for all files. This way I know if what I am executing is a exe file or an actual file.
@zSecurity 3 жыл бұрын
There are ways to spoof the file extension too, already covered in our courses or lookup RTL override.
@MrRobot222 3 жыл бұрын
@@zSecurity Even Widnows Defender would still block it. Plus you can't email this to someone as any email provider would block it, so how do you deliver it?
@oo7posam581 3 жыл бұрын
@@MrRobot222 Recently the security has been increased... So manual is only option
@yuliyy__ 3 жыл бұрын
@@MrRobot222 Torrents
@MrRobot222 3 жыл бұрын
@ZcyberTech Antivirus would still block it
@128bytes8 2 жыл бұрын
that is the most barebones POC of a botnet ever. Very cool. Like the reverse shell code. Keep up the great work.
@shellbng 3 жыл бұрын
one of the best teacher zaid sir💯💯💯💯
@kastakastakasta2933 3 жыл бұрын
kzbin.info/www/bejne/bZe5YpKcZc6jmbs
@uzi5998 3 жыл бұрын
I bought your Udemy courses sir, ngl your explanation is the best.
@kastakastakasta2933 3 жыл бұрын
kzbin.info/www/bejne/bZe5YpKcZc6jmbs
@technical_Insight 2 жыл бұрын
Hello bro
@technical_Insight 2 жыл бұрын
Can you share the course with me please
@mastaghimau 3 жыл бұрын
Very nicely explained Zaid... Thanks a lot for your sharing....
@kastakastakasta2933 3 жыл бұрын
kzbin.info/www/bejne/bZe5YpKcZc6jmbs
@James-c8m8x Жыл бұрын
Keep up the good solid work! I enjoy your content because it answers the questions that I have. Great job!
@SagarNunia-md4wn 10 ай бұрын
how I am gain the interface as shown in this video???
@Malisha_Rasiru Жыл бұрын
SSuperb Bro I have Ever Seen such a clear explanation 🤝
@wilwad 3 жыл бұрын
It’s these basic tricks that get users owned. Ordinary users just double click files and don’t know not to click random EXEs even with show extension turned on
@cryptolicious3738 3 жыл бұрын
better use a firewall n a/v . avg wont let apps connect unless they have an entry in the firewall...right?
@RalphFarah-r1q 10 ай бұрын
how do you build the connection between the code and kali?
@grey1185 3 жыл бұрын
I took the courses Zaid offers. They are really great and its wonderful to see you making great content
@harshavardan9054 3 жыл бұрын
Hey I have a doubt when the victim clicks in that image will if trigger the Security malware of the victim or it does not
@coolcool1003 3 жыл бұрын
Why doesn’t you just use the curl command from batch instead of the powershell command ?
@fletchedfps 3 жыл бұрын
windows doesnt read bash tho right?
@coolcool1003 3 жыл бұрын
@@fletchedfps I had no problems so far with batch and the curl command
@zerobyte536 3 жыл бұрын
@@coolcool1003 I was wondering same thing, I mean I did not test it, but would think that would be better also would work in non windows machines, well cant change to exe but still
@merl7972 3 жыл бұрын
@@fletchedfps This used to be true, but since Satya Nadella took over microsoft in 2014, they've worked to incorporate a ton more linux into windows. curl works from command prompt in modern versions of windows, but not old ones to my knowledge (don't have a copy of win7 laying around atm).
@aitboss85 3 жыл бұрын
If the user has enabled in the display option to view file extensions, they will notice easily it is an .exe file...
@Gareth1892000 3 жыл бұрын
Yes, this is just a basic tutorial, and the method is used only with social engineering (where you trick other to click it). Otherwise, if you could write trojan and implement it purely in jpg/png file without exploit the user programme reader easily, the world security would be doomed.
@aitboss85 3 жыл бұрын
@@Gareth1892000 what program are you using to gain control over victims?
@musshare 3 жыл бұрын
most users arent critical
@kastakastakasta2933 3 жыл бұрын
kzbin.info/www/bejne/bZe5YpKcZc6jmbs
@kastakastakasta2933 3 жыл бұрын
@@Gareth1892000 kzbin.info/www/bejne/bZe5YpKcZc6jmbs
@einsteinwallah2 3 жыл бұрын
you should now do a video on how to prevent being victim of such attack or detect if you are already attacked and how to prevent its consequences
@kastakastakasta2933 3 жыл бұрын
kzbin.info/www/bejne/bZe5YpKcZc6jmbs
@jeanemeryenoga9949 Жыл бұрын
This is your best tuturial for ever. Thanks à lot master. 👏👏👏
@MrRobot222 3 жыл бұрын
Great video, but 4 points. 1. Any decent email provider will block this if you try to email it to them. So what delivery do you use? 2. Most people will have file extensions on and see it's an exe file and never open it. 3. any anti-virus will then block it, including windows defender. So this is pretty much useless unless your target is really, really, really stupid and has gone out of their way to make themselves vulnerable! 4. as you're hosting the files, forensic analysis will link it back to you. 😂 Still, giving the video a like for the PowerShell info, but this is a terrible way to do it.
@zSecurity 3 жыл бұрын
I did say its a quick and dirty way of doing it. All points you mentioned are valid but can be addressed and bypassed by this very Trojan, the video will turn into a full course if I do that though
@Saint_sheedy 3 жыл бұрын
So how would you go about it ??
@MrRobot222 3 жыл бұрын
@@zSecurity Please don't get me wrong. I've done 2 of your courses and really enjoy your content. As I said, the powershell side is useful. Just creating a FUD backdoor these days is getting harder and harder. Veil, FatRat, Empire, Shikata ga nai are all becoming detectable by both email and AV. It can be done, just takes so much more effort these days! 😊
@cyyborgg 3 жыл бұрын
@@MrRobot222 Did you successfully make any undetectable backdoors yet? I tried myself but I failed miserably 😂😂
@MrRobot222 3 жыл бұрын
@@cyyborgg I've made several backdoors through various obfuscation techniques, but all detected, even by windows defender and the various email clients. I'm learning python with the hope of writing my own as this could be the only way forward.
@leonardvinciguerra1726 Жыл бұрын
I tried this several times but it doesn't work. When I click on the outputted .bat file after saving it from notepad, the required files don't download, I get an error I'm the command prompt and it cancels out the operation.
@manavgora Жыл бұрын
Wow that was an amazing practical, i am very impressed and i subscribed
@decoder6878 3 жыл бұрын
Nice video and awesome courses. I learnt a lot from your courses.
@kastakastakasta2933 3 жыл бұрын
kzbin.info/www/bejne/bZe5YpKcZc6jmbs
@RealCoLlama 2 жыл бұрын
i used bat to exe before but it injected malware to my code and I found out with virus total. i put no harmful code and it still flagged it as malware after I compiled it with bat to exe.
@RanaMSikandar 3 жыл бұрын
Do you think it will pass throw windows defender. Mostly bat to exe are caught by windows defender
@robinbijo 3 жыл бұрын
@zSecurity this is in case of an exe file,people will know that this is not an image file rather it is an exe file,so how can we make a backdoor behind an image?? Also how do you do it for a pdf file?
@vdivonoficial5263 5 ай бұрын
how do I get my linux terminstor to have the stuff like his??? So I can see the when someone opens the trojan
@kbto 3 жыл бұрын
Very informative, you earned a subscriber
@obaidullah7780 3 жыл бұрын
whats the name of listener which you have pre-installed on your system because from nc -vv -l -p 9001 cant be reached (KINDLY SOMEONE EXPLAIN KALI LINUX PART)
@lingehmuhamed5718 Жыл бұрын
please what tool are you using to listen for incoming connection? the interface is awesome please help me with it if anyone has an idea of the tool.. the video is great i'm recently following some of your videos in udemy it's great keep up with the good work.
@Atreus21 3 жыл бұрын
That's a hell of a thumbnail sir.
@jaspreetsingh4362 2 жыл бұрын
Sir when i use right to left override it get deceted now how we can bypass that
@lillythefox21283 3 жыл бұрын
How do you get past the Microsoft dangerous file popup (I think it needs a code signing certificate)
@zSecurity 3 жыл бұрын
Yep
@jeremycheong8036 3 жыл бұрын
I bought your course. Can’t wait to start learning! 🤟
@zSecurity 3 жыл бұрын
Hope you enjoy it!
@blackdevil5962 3 жыл бұрын
sir i like your intro.. very well.
@kabandajamir9844 3 жыл бұрын
Good explanation sir
@anonymous4911 2 жыл бұрын
Any Video to the kali machine he uses?
@chriscjjones8182 2 жыл бұрын
Why not just use the dos copy command with the b option? That way you have an actual image file not an exe and the image opens as normal but still runs the batch file as well. Very old technique now yes, but I'm asking is there a reason not to do it that way?
@SagarNunia-md4wn 10 ай бұрын
ok, then what to do as your opinion... please tell me simply..
@sreejith_jinachandran 2 жыл бұрын
Hello I just downloaded your customized Kali version I want to install "Yersinia" on it. But I'm executing this command "apt install yersinia" it's not taking showing "unable to locate package yersinia" Please help me on this
@shahiduae100 3 жыл бұрын
Dear Zaid No Doubt you are the best and first on Udemy I had already purchased and learned a lot from your series of Ethical hacker I would like to ask you if you could suggest it make video on parental care spyware Which is useful... God bless you
@bransensible1829 3 ай бұрын
I have a few questions: 1. Does the file extension show as ".png" or ".exe" ? 2. Will windows defender block it if I click on that image file ? 3. If I run that file and you controll my PC, are there any ways that I can stop that? Changing ip address or something?
@igor-kostelac Жыл бұрын
Where can I find this hand pointer that you use in your presentation? Thank you
@CoryResilient 2 жыл бұрын
Do you have a course to bypass defender now in 2022 using this or similar methods. And is it possible to use veil powrshell bat to exe like your old video. Do the edits to the power shell options then encrypt the string even further to bypass defender now
@thana3270 3 жыл бұрын
where could I get bat to exe?
@meghrajjare5988 3 жыл бұрын
But I have a question...... We can still see the extension as an executable file and any guy who is used to computers won't open it... Is there a way to get around that so that the file extension doesn't show in the explorer?
@squidssh 3 жыл бұрын
there is no way to do that without already having accese to the machine,if someone has file extensions enabled you cant turn it off without having accesse
@kastakastakasta2933 3 жыл бұрын
kzbin.info/www/bejne/bZe5YpKcZc6jmbs
@karkantas 3 жыл бұрын
I need the url for the video that shows how to set up empire
@ytshplays1785 9 ай бұрын
same bro same
@DavidParathyras 2 жыл бұрын
I really like how you call the letter 'z' with its real pronunciation and not the American one
@GabrielNixon-Cullers-h2z 6 ай бұрын
found the Br*tish "person"
@bigman3499 Жыл бұрын
when i try to execute the script in the powershell nothing happens i don't get an image on my computer anyone know how to fix
@jw200 2 жыл бұрын
how to make it so it runs code if user looks image on webpage?
@picku4486 9 ай бұрын
Dear Fbi, I'm here for educational purpose only!
@copyright-pw8bz 7 ай бұрын
No way same
@WorthItOrNotReviews Жыл бұрын
When I put the link with the command in powershell and run it it's red and it doesnt download anything can someone help please? Thank you
@dogame5 2 жыл бұрын
I have a small problem, when I type the powershell syntax in double quotes and the url in simple quotes there is a error, because he think the quote is in the url
@dogame5 2 жыл бұрын
I found the problems help. My url have a space without the space and without the quotes it works
@dhavalsuthar1 3 жыл бұрын
Sir !! You are great 😊
@AwesomeCaden73 3 жыл бұрын
What was the bat to exe file converter you used? I couldn't find the link.
@anonymousking9817 2 жыл бұрын
This is for Windows machine but for Android how to create trojan like in Windows we double click on image so that it executed but in android how?
@timebomb2545 2 жыл бұрын
hello zaid i have a question i am learning on udemy your ethical hacking with python im at lesson 5 and we need to install kali but its not working on my pc when i want to click on the download it muliplys it can you help me?
@umerfarrukh7067 11 ай бұрын
how to we coonect this trojan to our kali machine console ?? please guide ...
@jackwan358 3 жыл бұрын
When the victim open the file, will it get UAC prompt if the users account is not a local administrator?
@ideasofcharan1383 2 жыл бұрын
Bro please help me my pendrive is not recognised please tell me how to fix it When I try to make windows 11 live usb using Rufus it shows not recognised when I again connect please help me to fix this and it was not showing in diskpart also please help me i am using windows 11 now Please help me please 🙏🙏🙏🙏🙏🙏
@postmahtoast2736 3 жыл бұрын
This guys so good, I feel compromised by watching this video
@kastakastakasta2933 3 жыл бұрын
kzbin.info/www/bejne/bZe5YpKcZc6jmbs :
@KEPARXZ 9 ай бұрын
Do I need kali? Bc my pc does not like having virtualisation on and won’t let me use it
@manofadventre83 3 жыл бұрын
I purchased your course and cannot access your website. to download the updated kali what do i do?
@CthRage8946 6 ай бұрын
Don't get me wrong! PowerShell Empire/Starkiller servers are good but how do you evade Windows Defender? Do you use the C2 framework like sliver's implants?
@AndrewDinoshan Ай бұрын
Should I use Kali Linux to take control of a person using this executable image?
@tumon1237 3 жыл бұрын
Hello Zaid, I am your big fan.I am eagerly waiting for a cyber security course from you. I know you are truly knowledgeable at this sector...
@kastakastakasta2933 3 жыл бұрын
kzbin.info/www/bejne/bZe5YpKcZc6jmbs
@SashikaSandeepa 3 жыл бұрын
but it is a executable file. So victim who know about basic about file extentions immediatly identify the threat. But most users dont care about file extentions. they only look at icon.
@arup261075 3 жыл бұрын
But zaid the trojan is still gonna have .exe extension and it will obviiously be a red flag to the user for a image file to have .exe extension
@michaelwatson3962 3 жыл бұрын
Greetings to you sir i wana know if the 2nd command line content of the notepad which is in bat is placed to exe file i mean the backdoor file...my question is can exe file backdoor be used just like that...if so? pls describe briefly.................thanks regards
@d_faceedit3419 Жыл бұрын
i love this video but i already know this method and yeah that's great to see that because this same method i think and make a prototype of it and it work properly also implement in ms excel that download file from internet using cmd then run that file and perform the hacking after this it upload all the data to cloud really a great video for those who are learning
@MichaelCheung-z2v 4 ай бұрын
What about.js.or .webp file extension? Can they be trojans? If there's an extension png or jpg, can i always confirm it's an image?
@amaanquadri2901 3 жыл бұрын
Zaid sir taken your 11 udemy courses love form India
@AghilesAd 3 жыл бұрын
What if the user opens the file when offline ? He can't download the files from URLs and will make the whole process obsolete
@jdaniele 3 жыл бұрын
To download the trojan you should be online, maybe you received it by mail, so if you are curious and wanna see the image, you just click on it when you are still online. Moreover, how many persons are offline today? I think very few. Do you disconnect from internet before opening an image? I think no... Of course, if you are a security expert, you won't be fooled, but the average user could be.... Hey, it's just an image. How can it hurt me? hahahah The only suspicious thing is the missing extension. I would never double click on a file without extension. Of course I always have the "show the extension" option on. By the way, if the user usually have it turned off, he won't care about the extension because he is simply not used to be.
@AghilesAd 3 жыл бұрын
@@jdaniele Fair enough haha thank you for your response.
@theartofhacking6896 3 жыл бұрын
@@jdaniele yeah.... i also think that an average person won't care about extension either...
@technotux7835 3 жыл бұрын
instead of downloading the payload and image file, we have an option to embed them in the exe, and select the extract directory to temp (for the embed items)
@Mindflayer86 3 жыл бұрын
Can't... resist... THUMBNAIL!!
@MacronLacrom Жыл бұрын
So you make a bat file with those commands then you use another program to change the icon?
@hadicrecket 3 жыл бұрын
Sir your videos are very good i watch your every video and get a lot of knowledge from it Sir who are you, show us by making another video in which tell how we can find free internet and free host find for free sim Internet
@goatedggwp 3 жыл бұрын
There is one problem that is all those backdoors that we made are easily detectable by Windows Defender Is there is a backdoor that is not detectable? Thanks.
@zSecurity 3 жыл бұрын
Yep there are a number of ways to bypass WD, this is just not the topic of this video, it is covered in a different video in the channel.
@Jaiswalkatul 3 жыл бұрын
The moment you execute Invoke Expression , any EDR solution will detect and block it
@kastakastakasta2933 3 жыл бұрын
kzbin.info/www/bejne/bZe5YpKcZc6jmbs
@hiamealhilwa6684 3 жыл бұрын
How can I convert the code to work on the Android system? Can I do this on the Windows system only?
@josinjojy4268 3 жыл бұрын
Please make a video on how to create an undetectable backdoor with C /C++ or assembly language
@SagarNunia-md4wn 10 ай бұрын
but now my question is...how to see the interface in my kali terminal as you are executing.... ??
@Auriatta Жыл бұрын
okay so if I'm gonna use some default app that open specific formats then this shell will not execute right?
@zestdancecrew9358 Ай бұрын
what is the tool name you have used to receive connections back to you when the image is executed
@AndrewDinoshan Ай бұрын
Bro I think Kali Linux
@khizrshaikh9902 3 жыл бұрын
Thanks for this Sir/Brother
@donhousam 3 жыл бұрын
is it working on any android version and on Windows ?does it pass Facebook or WhatsApp security bot?
@samislam2746 3 жыл бұрын
This technique is old and well known. What I'm looking for is an answer to my question, *is it possible to have a backdoor inside a pure png/jpg file?* What you have shown is actually an EXE file, and not an image
@reddixskrull2451 3 жыл бұрын
Of course you can hide code of a backdoor inside of a pure PNG but it won't be executed because of the way pictures get handled.
@samislam2746 3 жыл бұрын
@@reddixskrull2451 What if there was a vulnerability in the picture viewer program? I've read many times about vlc media player that it has been a security hole exploited by hackers through out the history
@reddixskrull2451 3 жыл бұрын
@@samislam2746 yes that probably can be possible but it would be difficult to find such a vulnerability and at least to my knowledge there aren't any vulnerabilitys like that around. I mean ask yourself is it possible to infect a computer with opening a txt file with Editor? Probably not because of the capabilities of the file and Editor itself (i mean the windows standard text editor)
@samislam2746 3 жыл бұрын
@@reddixskrull2451 it all depends on the purpose, for example, hackers can exploit a vulnerability in a video player like vlc to de-anonymize users hiding behind vpn or Tor. Since vlc is capable to search for available subtitles of the video being played online. and as u know, vlc is a networking application, it has the permission to scan the local network and to send internet requests too. There was a trick that I read one time about, which is you might find a ping request inside a subtitles file. The video player might be reading and consuming the input from the subtitles file in a vulnerable form, which leads to a direct internet request holding the actual ip of the victim sent to a particular service of the hacker.
@samislam2746 3 жыл бұрын
and that's the most stupid thing I did today. and you're right, it all depends on how the picture is being handled. also it's rare or maybe a completely garbage discussion because I don't believe there would be an idiot programmer like that
@mr.paranormal776 Жыл бұрын
idk if im just stupid but does the adminstor of the trojan virus have to be on linux?
@tojabdhei4881 2 жыл бұрын
Very useful bro ❤️
@nicatshare6103 Жыл бұрын
bat to exe converter > not working , please help me ... invalid memory access :(
@shortgod8846 2 жыл бұрын
Where i get this files ?
@dummyd8625 3 жыл бұрын
Can we change the icon and other thing on the firsttime
@praveenmalik8066 3 жыл бұрын
which tool you are using to get reverse connection? is it metasploit???
@zSecurity 3 жыл бұрын
No, powershell-empire
@matze86hh 2 жыл бұрын
1:34 the Hand is great 😂
@e343io 3 жыл бұрын
Will it bypass win defender or you have already turn off ur win defender then have start ???
@DavidVanMosselbeen 3 жыл бұрын
Disable Windows Defender, uninstall the antivirus, uninstall Chrome, and install Windows XP. And then you're (un)safe :-D All these tools are blocked, even hashed stuff. These days you almost need to be able to write you own backdoor from scratch. And even then, some systems are so smart enough to even detect some suspicious programming functions you use in your custom made backdoor. Our Windows systems are very secure, very very well actually. GNU/Linux seems actually the most easy to hack these days. Not safe at all, even what others proclaim
@user-po7cm3nr7p54 3 жыл бұрын
@@DavidVanMosselbeen Windows is safer to guard against malware becuz of the built-in antivirus. If without antivirus programs on Windows, there are way more exploits on Windows compared to Linux.
@All.Rights.Stolen Жыл бұрын
i make one and test on my old phone it get corrupted !! and always vibrating !!
@charliecrane253 3 жыл бұрын
Great video, obviously you would need to obfuscate your reverse shell so Windows defender doesn't catch on
@fletchedfps 3 жыл бұрын
id love to see an up to date tutorial on how to bypass av with obfuscation
@muaviyaharsalan4414 3 жыл бұрын
@@fletchedfps same, honestly I've seen a bunch of videos but not one of them works
@scp-burgerking658 3 жыл бұрын
There is no point in obfuscating code. Obfuscating just makes it harder to read for humans. AV’s can un-obfuscate (beautify) codes in matter of miliseconds
@muaviyaharsalan4414 3 жыл бұрын
@@scp-burgerking658 what about encrypting?
@scp-burgerking658 3 жыл бұрын
@@muaviyaharsalan4414 Yep, thats what you’re looking for
@yugalsharma5808 3 жыл бұрын
what if we share our virus/code.exe using whataap will it still work on target computer.?
@krit.k8318 Жыл бұрын
What if the user has enable to see the extensions of the files? In that case it will see that the image is .exe
THẾ GIỚI 24H
Рет қаралды 10 МЛН
Matt Brown
Рет қаралды 1,2 МЛН