Thursday, December 26, 2024
Google search engine
HomeNewsHow to Hide Payloads and Backdoor Inside Images?

How to Hide Payloads and Backdoor Inside Images?

In this article, we are going to use ExifTool to hide our payloads or a Backdoor inside an Image. You can learn about the basics of ExifTool from the above article and its functionality, and commands to make the best use of the tool. This tool is best for Hiding payload and extracting metadata from the images. It is an open-source and popular tool for extracting metadata.

Steps: 

Step 1: Install the tool using the command given below:

$ sudo apt install exiftool

 

Step 2:  You can get more information about the ExifTool from its manual page.

$ man exifTool | more

 

Now we are going to use an image file with a .png extension and a payload with a .png extension. Your payload can be of any file type. In this article, we are going to use only .php we are going to make a folder by the name hide and in that folder, we are going to add our image with a .png extension. And you can add your payload file here, now we are going to use a .php web shell by the name webshell.php.

 

You can look out for the code of the webshell.php by using the nano command following the filename.

 

Now coming to the main part, now we have all the files and everything we need for hiding our payload.

Step 3:  The command for Adding the payload into the image:

$ exiftool "-comment<=<filename>" <imagename>

 

Step 4: After successfully hiding the payload you can also check if the payload is really there in the file or not by using the below command.

$ strings <filename> | grep system

 

Step 5:  Step As a final step, we are going to extract all the information from the image by its simple command.

$ exiftool trees.png

 

Whether you’re preparing for your first job interview or aiming to upskill in this ever-evolving tech landscape, lazyroar Courses are your key to success. We provide top-quality content at affordable prices, all geared towards accelerating your growth in a time-bound manner. Join the millions we’ve already empowered, and we’re here to do the same for you. Don’t miss out – check it out now!

RELATED ARTICLES

Most Popular

Recent Comments