07 August, 2011

FILE EXTENSION EXPLOIT! Make .exe look like a jpeg, mp3 or whatever you like

This tutorial will show you how to make your .exe (or .com/.scr) files look like .jpeg/.mp3 or any other file type! Normally, changing the extension to e.g. .mp3 will corrupt your file, but with this exploit your file will still be executable!

__

1. I have my server.exe, but I want it to look like an mp3 file, so people would run it. In this case, you should change the .exe to .scr to make it look more legit in the end.

Now, rename your server.scr (which is still executable) to "songname uploaded by .SCR" (notice the space).


2. Now it's time to use the exploit! Open up the Character Map:
Scroll down and find the "U+202E: Right-To-Left Override" character:

Click "Select" and then "Copy".


3. Now choose to rename your file, and paste the copied character right before the ".SCR" (press Ctrl+V to paste).

Then type "3pm" (without the " ") and press Enter. Now it should look like this:

[Image: 39c227c69b6910e0ca6aacffc30cc78d.png]


Done! Obviously you might want to change the icon to look like an mp3 before doing this.


A short video can be found here:
- [Youtube]
(Watch in HD + Fullscreen)

__

Most browsers have patched this, but it can be used on IMs like MSN or Yahoo Messenger. To upload the file to a filehost, you need to make a .rar file with your server inside.
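On the receiving side, the renamed file is easy to catch: the name still ends in .SCR in stored order, and it contains U+202E, which only changes how the text after it is drawn. The check below is an added example, not part of the original tutorial; the function names, the executable-extension list and the sample names are assumptions made for illustration.

```python
import ntpath  # Windows path rules, usable on any platform

# Bidirectional formatting characters that change the displayed order of a name.
BIDI_CONTROLS = set(
    "\u202a\u202b\u202c\u202d\u202e"  # LRE, RLE, PDF, LRO, RLO
    "\u2066\u2067\u2068\u2069"        # LRI, RLI, FSI, PDI
    "\u200e\u200f"                    # LRM, RLM
)

# Assumed set of extensions treated as executable; adjust for your environment.
EXECUTABLE_EXTS = {".exe", ".scr", ".com", ".pif", ".bat", ".cmd"}


def visible(name):
    """Show the name in stored order, with controls written as <U+XXXX>."""
    return "".join(f"<U+{ord(c):04X}>" if c in BIDI_CONTROLS else c for c in name)


def inspect_name(name):
    """Classify a file name as 'ok', 'review' or 'block'."""
    controls = sorted({f"U+{ord(c):04X}" for c in name if c in BIDI_CONTROLS})
    # The extension the OS acts on is whatever follows the last dot in the
    # stored name, regardless of how the shell draws it.
    real_ext = ntpath.splitext(name)[1].lower()
    if controls and real_ext in EXECUTABLE_EXTS:
        verdict = "block"    # display order altered and the file is executable
    elif controls:
        verdict = "review"   # controls can be legitimate in RTL-language names
    else:
        verdict = "ok"
    return {"stored": visible(name), "controls": controls,
            "real_ext": real_ext, "verdict": verdict}


def scan(names):
    """Return reports for every name that is not 'ok'."""
    return [r for r in map(inspect_name, names) if r["verdict"] != "ok"]


# Constructed sample names; the first is the one built in the steps above.
SAMPLES = [
    "songname uploaded by \u202e3pm.SCR",
    "holiday.jpeg",
    "notes\u200f.txt",
]

if __name__ == "__main__":
    for report in scan(SAMPLES):
        print(report["verdict"], report["real_ext"], report["stored"])
```

The same check can be applied to attachment names at a mail or IM gateway and to member names inside archives, since the override character survives being packed into a .rar.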


Now go ahead and mix around with .exe/.scr/.com and the fake-extensions to find some other legit-looking combinations!

If you have any questions, feel free to ask!

Also, here's a .pdf explaining the exploit: http://dl.packetstormsecurity.net/papers...erride.pdf

And PLEASE say 'Thanks!' if you find this tutorial useful!

__

Those who can't find the character in the default CharMap in Windows can try this (not sure if it works, but worth a try):

1. Download BabelMap and run it.

2. Open this picture:

- Make sure "Single Font" is ticked and "Arial Unicode MS" is chosen as Font.
- Search for OVERRIDE and click on the RTLO character (row 2020, column E)
- Click on the Select-button
- Click on the Copy button


Also, those who have problems with WinXP and non-English OS versions, take a look at this.
