How to Hide Payloads & Backdoor Inside Images
ExifTool : Hide Payloads Inside Images
In this blog, we will explore various methods to hide payload inside an image. For that, we will use ExifTool that is pre-installed in Kali Linux. There are several features inside ExifTool, For example, Hiding payload, extracting metadata, etc. ExifTool gives us the easiest way to extract metadata inside images. It is a free and open-source tool developed by Phil Harvey.
Table of Content
- Introduction to ExifTool
- Installation
- Hide Payloads & Backdoor inside image
Introduction to ExifTool
As you know, we have earlier mentioned exiftool. The purpose of ExifTool is to read, write and manipulate the metadata of an image. Assume! While solving the CTF challenges, we have seen that port 80 is open into the target system. Without wasting time, we started scraping the webserver. After doing hard work, we found an image in the target system which may be an essential secret hidden. We don’t have any knowledge to extract metadata from inside an image. Now we will apply ExifTool to extract metadata from the image.
Installation
The process of installing ExifTool is easy in Kali Linux. In other operating systems could be different. To install exiftool in Kali Linux, we need to run the following command.
- apt-get install exiftool
- apt-get install libimage-exiftool-perl
To get more information about ExifTool, you should read the manual page.
- man exiftool | more
Hide Payloads & Backdoor inside image
From the below image, you can notice that two types of files available inside the ExifTool folder.
- pentestblog.png
- shell.php
We will extract the entire metadata of the pentestblog.png image with the help of ExifTool. Sometimes during the CTF challenge, the passwords are stored inside the image. We need to execute the given below command.
- exiftool pentestblog.png | more
We have designed a payload inside the “shell.php” file that opens the door for code execution on a web server so that attackers can easily access your system.
Now we will hide the payload inside the “pentestblog.png” image. According to the below image, we have already mentioned: “shell. php“
To hide this type of payload, follow the below command.
- exiftool "-comment<=shell.php" pentestblog.png
We were able to hide the payload inside the image. I hope you liked this blog.
- strings pentestblog.png | grep system
Again we will extract the entire metadata of the pentestblog.png image with the help of ExifTool. Now you can notice that our payload has attached to the comment field.
- exiftool pentestblog.png
Latest Posts
- Protected: How To Mount USB Drive in Ubuntu Linux
- CVE-2022-30190 (Follina)-Microsoft Support Diagnostic Tool Vulnerability
- SQL INJECTION – Extracting Username and Password From Database
- How To Dump Username And Password Using SQLMap Tool?
- Protected: Exploit Apache Log4j Security Vulnerabilities – CVE-2021-44228
⭐⭐⭐⭐⭐
Rating: 5 out of 5.
The professional hacker true out the word that I believed in him is only Henryclarkethicalhacker Group Hackers Checked Google and see everybody comments on him he a professional that I believed in him if you have problems on any stuffed like a bank, company, school grades change examinations, database, Social media hacks, Email hacks, Phone hacks, Bitcoin hacks, increased Credit score boost to 800, School result upgrading, cryptocurrency, Binary option funds recovery, Bitcoin Mining, Instagram, WhatsApp, Twitter, Monitor your colleague, access your spouse social media, and a lot more, via, femethicalhacker@gmail.com, on whatsapp 18134211326..