Sunday, August 27, 2017
Send exe files through gmail using steganography
Send exe files through gmail using steganography
Mails used to be the easiest way to spread malware. So obviously Gmail doesnt allow users to attach windows executables (.exe) to mails in order to protect its users from screwing up their windows machines. However, we may have to send .exe files which are not malware via mail. Before, you couldve just renamed the extension from .exe to something else or made a zip/rar archive and gmail would simply allow you to attach it. Sadly, it doesnt work anymore as gmail started reading file headers of attachments and started reading files inside zip/rar archives.
So I figured out a simple way to do this using steganography. The idea here is to embed the exe file inside any image and attach it to the mail. Gmail will think that it is just an image and will be oblivious to the fact that there is an exe file hidden inside that. Later the other user can simply extract the exe file from the image and use it .
$ ./mailexe -e [exe file] [image file]
A file called image.png will be created. This image file has exe file hidden in it. Send this via gmail.
$ base64 [image file] > temp
$ base64 [exe file] >> temp
$ base64 -d temp > image.png
So I figured out a simple way to do this using steganography. The idea here is to embed the exe file inside any image and attach it to the mail. Gmail will think that it is just an image and will be oblivious to the fact that there is an exe file hidden inside that. Later the other user can simply extract the exe file from the image and use it .
Usage
Download mailexe (Dont forget to make it executable).Sending
A file called image.png will be created. This image file has exe file hidden in it. Send this via gmail.
Receiving
$ ./mailexe -d [original image] [duplicate image]
A file called output.exe will be created. This is exe file which had to be sent!!!!! Congrats!
How it works?
Sending
Step1
Convert the image and the executable to base64 and save it in a file$ base64 [image file] > temp
$ base64 [exe file] >> temp
Step2
Decode base64 file and save it as image$ base64 -d temp > image.png
Step3
Send image.png and the original image file via gmailReceiving
Step 1
Download both the images and convert both of them to base64 and extract that base64 part of exe file.
$ base64 [original image] >original
$ base64 [duplicate image] >duplicate
$ diff -ed original duplicate >diffed
$ tail -n +2 diffed |head -n -1 >exe.64
Step2
Now convert extracted base64 to exe
$ base64 -d exe.64 > output.exe
Now you can simply run the exe file.
download file now
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment
Note: Only a member of this blog may post a comment.