undefined | Better HN

0 pointssimonbrown14y ago0 comments

How did you embed the exe client into a jpg (rather than just changing the icon)?

0 comments

4 comments · 1 top-level

oz14y ago· 3 in thread

IIRC, Sub7 had a tool which did this. You could also 'pack' the executable.

My infection vector of choice was embedding it into fake resumes and sending it to job ads...ahh, the memories...

stfu14y ago

The fake resume idea is brilliant. How could I have overlooked that back in the days. All I did as a script kiddie was scanning IP ranges and playing with infected accounts. Good times.

jiggy201114y ago

You can add the contents of the .exe to the JPG but when the computer opens it then it isn't going to try and execute the code (it will try and render it as a graphic and probably fail) unless there is some unpatched exploit in the image viewer.

cha0tic14y ago

It would create a .exe file that was a simple image viewer and give it the standard .jpg icon. You would name it something like picture003.jpg.exe and most people's computer would conveniently hide the true file extension.

j / k navigate · click thread line to collapse