How to Hide Payloads & Backdoor Inside Images

ExifTool: Hide Payloads Inside Images
In this blog, we will explore various methods to hide a payload inside an image. For that, we will use ExifTool, which is pre-installed in Kali Linux. ExifTool has several features, for example hiding payloads and extracting metadata, and it gives us the easiest way to extract metadata from images. It is a free and open-source tool developed by Phil Harvey.
Table of Contents
- Introduction to ExifTool
- Installation
- Hide Payloads & Backdoor inside image
Introduction to ExifTool
As mentioned earlier, the purpose of ExifTool is to read, write and manipulate the metadata of an image. Consider this scenario: while solving a CTF challenge, we see that port 80 is open on the target system. Without wasting time, we start scraping the web server. After some hard work, we find an image on the target system that may hide an essential secret. We don't yet know how to extract metadata from an image, so we will use ExifTool to do it.
Installation
Installing ExifTool is easy in Kali Linux; the process may differ on other operating systems. To install ExifTool in Kali Linux, we need to run the following commands.
- apt-get install exiftool
- apt-get install libimage-exiftool-perl

To get more information about ExifTool, you should read the manual page.
- man exiftool | more

Hide Payloads & Backdoor inside image
There are two files inside the ExifTool folder.
- pentestblog.png
- shell.php
We will extract the entire metadata of the pentestblog.png image with the help of ExifTool. During CTF challenges, passwords are sometimes stored inside an image. We need to execute the command given below.
- exiftool pentestblog.png | more
We have designed a payload inside the “shell.php” file that opens the door for code execution on a web server so that attackers can easily access your system.

Now we will hide the payload from the “shell.php” file mentioned above inside the “pentestblog.png” image.
To hide this type of payload, run the command below.
- exiftool "-comment<=shell.php" pentestblog.png
We were able to hide the payload inside the image. The strings command confirms that the payload text is now present in the file.
- strings pentestblog.png | grep system
Now we will extract the entire metadata of the pentestblog.png image again with the help of ExifTool. Notice that our payload is now attached to the comment field.
- exiftool pentestblog.png
I hope you liked this blog.
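For the defender's side of the steps above, this added example (not code from the original post) scans a PNG's text chunks, where the PNG format stores comments, for script markers before an upload is accepted. It assumes the comment was written to a tEXt, zTXt or iTXt chunk; the marker list, function names and sample image are constructed for illustration.

```python
import re
import struct
import zlib

PNG_SIG = b"\x89PNG\r\n\x1a\n"
MAX_TEXT = 1 << 20  # cap inflated text so a compressed chunk cannot exhaust memory
# Assumed marker list (not from the post): script openers and PHP execution calls.
MARKERS = re.compile(rb"<\?(?:php|=)|<script\b|\b(?:system|eval|exec|passthru)\s*\(", re.I)

def make_chunk(ctype, body):
    """Serialise one PNG chunk: length, type, body, CRC-32 over type and body."""
    return struct.pack(">I4s", len(body), ctype) + body + struct.pack(">I", zlib.crc32(ctype + body))

def chunks(data):
    """Yield (type, body) for each chunk up to IEND; raise on malformed input."""
    if not data.startswith(PNG_SIG):
        raise ValueError("not a PNG file")
    pos = len(PNG_SIG)
    while pos + 12 <= len(data):
        length, ctype = struct.unpack(">I4s", data[pos:pos + 8])
        end = pos + 12 + length
        body = data[pos + 8:end - 4]
        if end > len(data) or zlib.crc32(ctype + body) != int.from_bytes(data[end - 4:end], "big"):
            raise ValueError("truncated chunk or CRC mismatch")
        yield ctype, body
        pos = end
        if ctype == b"IEND":
            break

def text_payload(ctype, body):
    """Return the text of a tEXt/zTXt/iTXt chunk, inflating compressed forms."""
    rest = body.partition(b"\x00")[2]  # drop the keyword and its terminator
    if ctype == b"tEXt":
        return rest
    packed = ctype == b"zTXt" or rest[:1] == b"\x01"  # iTXt carries a compression flag
    text = rest[1:] if ctype == b"zTXt" else rest[2:].split(b"\x00", 2)[-1]
    return zlib.decompressobj().decompress(text, MAX_TEXT) if packed else text

def scan_png(data):
    """Return [(chunk type, marker)] for every marker found in a text chunk."""
    return [(ctype.decode(), m.group(0).decode())
            for ctype, body in chunks(data) if ctype in (b"tEXt", b"zTXt", b"iTXt")
            for m in MARKERS.finditer(text_payload(ctype, body))]

# Constructed 1x1 greyscale PNG whose Comment chunk holds a harmless stand-in string.
SAMPLE = (PNG_SIG + make_chunk(b"IHDR", struct.pack(">IIBBBBB", 1, 1, 8, 0, 0, 0, 0))
          + make_chunk(b"tEXt", b"Comment\x00<?php echo 'constructed sample'; ?>")
          + make_chunk(b"IDAT", zlib.compress(b"\x00\x00")) + make_chunk(b"IEND", b""))
print(scan_png(SAMPLE))
```

An upload handler can reject any file with findings and strip metadata from the rest, for example with exiftool -all= pentestblog.png, so the comment field never reaches the web root.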