Closed reeky1706 closed 5 years ago
ok .. i belive i have to write a better description of this 'option' ..
ive tried just now the tool using the follow settings
a) when this box appers, use an external program to change agent icon b) IMPORTANTE: never change the agent name
c) press enter in FakeImageExploiter.sh script to resume module execution
Hi there and thanks for your quick response I really appreciate Please how do you mean I shouldn’t change the agent name and where do I find the venom.sh script so I could press enter thanks
my bad (mistake)..
1º its not venom.sh (mistake) that you must press enter .. its on FakeImageExploiter.sh that we must press enter to continue script execution ..
2º shouldn’t change the agent name FakeImageExploiter tool builds trigger.exe and store it under FakeImageExploiter/output folder <-- if you wish use another external software to change the agent icon, or continue script execution without changing agent icon ..
HINT: FakeImageExploiter works without changing agent icon (BYPASS_RH=YES)
Thanks again for your response Pedro But how exactly...just did it now and it still didn’t work Please can you be more detailed? I’m just a beginner thanks
well in that case ..let me record a video tutorial ..
VIDEO TUTORIAL: https://www.youtube.com/watch?v=zUMxpIZo8BI
oh that will be very much appreciated Pedro thanks a lot ! Hope you will send me the link here
Hi Pedro good still Counting on you for the bug fix ,thanks so much and take care
Hi Pedro thanks for the video, have seen it but you didn’t really actually show how you fixed the bug! I mean how you actually pressed enter in FakeimageExploter.sh what external program should i use to change the agent icon ?
-1º Adds the image extension (.jpg) to trigger.exe and rename it to bug-report.jpg.exe -2º zip's the bug-report.jpg.exe and copy it to apache2 webroot as bug-report.zip -3º copy image.jpg and payload.ps1 (real payload) to apache2 webroot -4º provides a link (URL) to trigger bug-report.zip download
The agent build by FakeImageExploiter uses powershell.exe interpreter
to download/execute image.jpg and payload.ps1 from our apache2 webserver..
IT WILL NOT WORK UNDER WINE BECAUSE WINE DOES NOT HAVE
A POWERSHELL INTERPRETER THAT CAN EXECUTE AGENT COMMANDS.
great!! worked! thanks so much pedro for your patience and effort i really appreciate !!
Good .. glad to help ...have fun .. read this issue: https://github.com/r00t-3xp10it/FakeImageExploiter/issues/10 to install resource hacker or mingw librarys needed ..
WARNING: its TRIGGER.EXE that we must change the icon.. and place it on venom output folder before resume (press enter) the script execution ..
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+---+ |F|a|k|e|I|m|a|g|e|E|x|p|l|o|i|t|e|r|:|1.3| +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-----+
[☆]Building : evil agent .. [☆]Compiling: agent using mingw32 .. [☆Manually change icon.ico sellected .. [☆]Use your favorite editor to change icon [trigger.exe] [☠] When finish, press any key to Continue ..
have been experiencing this bug with fake image exploiter it doesn't go any further from here will really appreciate a response on this issue hence a fix thanks