Hackers Are Waiting For You to Open This Image
Переглядів 131,665
День томуThis video will show you how hackers can control your device using a trojan via discord!
🔴 Get $100 FREE credit on Linode to create your own cloud server (Valid for 60 days)👇
www.linode.com/zsecurity
------------------------------------------------------------------------------------
Maythom personal UKposts channel: / @maythom
Patreon: / maythom
Instagram: / mayth0m
Twitter: / mayth0m
zSecurity Company - zsecurity.com/
Community - zsecurity.org/
zSecurity social media here ##
zSecurity Company - zsecurity.com/
Community - zsecurity.org/
Facebook - / zsecurity-145325078145...
Twitter - / _zsecurity_
Instagram - / zsecurity_org
Linkedin - / zsecurity-org
TikTok - / zsecurity_org
-------------------------------------------------------------------------------------
Resources:
Icon convert website: icoconvert.com/
Github Tool: moom825/Discord-RAT-2.0
WinRar: www.win-rar.com/download.html
------------------------------------------------------------------------------------
Timestamps:
0:00 - Intro
00:45 - Thanks to Linode!
01:33 - Installing the tool
02:35 - Clarification
03:29 - Creating a Discord Bot
04:32 - Creating a Discord Server
05:28 - Building the backdoor
07:55 - Building the trojan
10:50 - Trojan in Action!
13:56 - Securing Yourself from this
15:06 - Thank you!
-------------------------------------------------------------------------------------
⚠️ Please be advised that this video is made for educational security purposes only. Also note that you shouldn't test on devices that you don't have permissions to test. We always have the permissions granted to test the accounts/devices used on this channel.
I hereby affirm that the devices employed in this video are under my exclusive ownership, and the primary purpose of this content is strictly educational. It is of great importance to emphasize that this video does not, in any way, endorse or encourage any unethical activities.⚠️
@mrdirect4053 Місяць тому
The LEGENDARY line "For educational purposes only"....💀😎🥃
@rakiburshuvo09 Місяць тому
and we use it to spy unknown by saying educational purposes only 💀💀
@opinysamuelleo3457 25 днів тому
@@rakiburshuvo09 of course they will tell you to the main purposes, but we must agree that is really cool.
@walakiraismail3907 24 дні тому
Very legendary
@Cheez_and_crackers 12 днів тому
How to negate all liability
@Noone-ml1me 7 днів тому
People who did not heard the epik line: "oh yeahhhh baby its hecking time "
@sasTRproabi 21 день тому
I was scanning the image files with my antivirus and my friend was laughing, now I am gonna send him that video :D
@hollycow8171 17 днів тому
only jpg can hold data. not other extension.
@jasp402 14 днів тому
I'm afraid it won't detect it anyway. Until you double click it is a compressed file.
@officialabandonedcrack 13 днів тому
How to identify: if you don't have file extensions enabled, do not open ones that appear with an extension, also scrs and com files are basically executable but com is old.
@gtr8741 Місяць тому
When they say "educational purposes only" you know they ain't gon bs around 💯🔥
@OGmolton1 12 днів тому
its scary how insecure windows is, thanks for sharing
@menreikichan8291 4 дні тому
Won’t this be detected by windows defender?
@timmmm5012 День тому
@@menreikichan8291it should be but sometimes people turn it off for some reason
@softwaremkxvii День тому
@@menreikichan8291not allways
@mythbasters3119 Місяць тому
I love Z security for this reason . Their video is well explained and organized and so easy to understand the process ❤
@sarowarhosen003 2 місяці тому
I'm a Linux user. I'm upset that I cant run this virus on my pc
@dark4ne 2 місяці тому
Which distribution are you using?
@sarowarhosen003 2 місяці тому
@@dark4ne Ubuntu
@MemoriesInsideMe 2 місяці тому
Cry harder
@remy2885 2 місяці тому
let me start a metasploit bd lol u can cry then.... nahh wait lemme just start a nc beacon.....
@sarowarhosen003 2 місяці тому
@@remy2885 try try but don't cry. this virus couldn't run on Linux that's how Linux is secure
@Compute_and_Hack Місяць тому
Wow! This has been insightful to me about the trojan. Thanks a lot lot more, very thankful sir... Any way i have a question, will the victim PC always be connected to the server immediately when the victim is connected to the internet, or it will require the user to open the trojan file.
@NikolaTomic Місяць тому
Will it execute if I right-click on file to go to properties but I already have XNView MP with shell extension to show me image preview in explorer?
@keto4life197 19 днів тому
With a keygen so You got all the virus You need
@TrippyMango Місяць тому
It might work until you have file extensions enabled or download it from a internet browser, there it will say "image.jpg.exe"
@Klebedose95 23 дні тому
I always look for the extension to be not ".exe" ... but the reverse character is new to me. So now I'll always also pay attention to filenames like "[filename] exe. [fileending]" So this would also work if you send .pdf files to other people...
@hithammelhem2656 Місяць тому
thank you as a user how to identify such manipulated image
@Muziek37414 2 місяці тому
Instead of turning off windows defender, you could add a exclusive folder or zone where the AV Wil not scan. I know some infostealers use this method
@Compute_and_Hack Місяць тому
do you mean the victims PC defender must be turned off so that the connection can pass?
@Muziek37414 Місяць тому
@@Compute_and_Hack no defender can still be on and active. If you add an exclution zone you can run code without it being scanned by defender and I think even amsi
@Compute_and_Hack Місяць тому
@@Muziek37414 Thanks
@similiciousprogrammer1109 23 дні тому
I want to target android Is it same for android ?
@robertsteve5175 21 день тому
@@Muziek37414 how please
@Iamlookingforwoody.....786 20 днів тому
Thanks for guiding us for using VMware machine before practicing this work.
@hollycow8171 17 днів тому
how old are you tbh. 😮
@robinsonpk5867 4 дні тому
Its not working right now , fixed by discord. Right?
@flash_gang 2 місяці тому
This is cool but nobody would actually fall for this because windows will have that pop up saying that it’s an untrusted executable
@eyezikandexploits Місяць тому
Man youd be surprised, someone young would and with social engineering too its game over. SWIM used to go into minecraft servers have a friend who (didnt know me) but would "downlod" my rat and vouch for it to have worked(some minecraft mod or a hack for it, even went as far as to make them in java) and thats all itd take for people to be trucked
@sysk3y-prod771 Місяць тому
Simple fix… obfuscation
@flash_gang Місяць тому
@@sysk3y-prod771How would obfuscation fix that? It would still give you a popup before it runs telling you its an executable not an image.
@giftmoyo9957 Місяць тому
I got hack with this same trick three days ago it made me erase all data from my PC. Thank God I realised quickly that I was being hacked otherwise the attacker could have gone with my credentials. The attacker embedded the code in unsuspicious link under a video tutorial which I clicked and that was all it disabled everything on my computer.
@flash_gang Місяць тому
@@sysk3y-prod771I thought I had responded to this, I think my other comment got auto flagged for some reason. Obfuscation would not fix the issue of a gui popping up before you run the executable that tells you its an executable not an image.
@stanislavsmetanin1307 2 місяці тому
Wait!! After the user opening you should close the picture, not going to discord, as user will not stare at the BMW forever. :)
@-zarex-6847 6 днів тому
can u only Control if the picture is open? then Its useless lol
@gokulmahesh5757 21 день тому
brilliant steganography technique
@frezerfiseha1553 2 місяці тому
It's been ages men😢
@SuperNickid 11 днів тому
@zSecurity: What about emulator does are application.exe but the majority of them are not virus and the reason they are is to make sure the game work when you used the emulation since you need executable file to run the game.
@Bandual692 2 місяці тому
Many youtubers says it's an educational vdieo but it's educating and updating an hacker for more features 😂😂 like here if you like it😂😂
@sarowarhosen003 2 місяці тому
if your know you know
@stephenluttrell8958 Місяць тому
This little trick has been around for years. It’s not teaching anyone anything new and there are plenty of ways to defend it. But that sword swings both ways. It may teach some new hackers something, but it also teaches everyone else what to look out for.
@jaysmooveV2 2 місяці тому
Does this work on mac
@spinnerlive 20 днів тому
Bro it took me few seconds to realize that it’s you. Looking great in beard.
@donjohnson6063 2 дні тому
I love these , I like to open the exe in ida pro get the token and take control over the bot/ channel it is. Noticing people use either discord or telegrams as a command and control center , the biggest mistake is hard coding api or keys in the exe
@user-mq4lc2bs1b Місяць тому
super i like it thanks for the valuable information.
@painandsuffer 9 днів тому
For one trillion years I've been trapped in my own decaying dimension, waiting for a new universe to call my own.
@Muziek37414 2 місяці тому
Maybe show to add some persistence? With powershell add on startup
@similiciousprogrammer1109 23 дні тому
I want to target android Is it same for android ?
@Tsu1. Місяць тому
when someone opens it i can only do 2 commands before it just stops working can i have help?
@tentimesful 11 днів тому
if an image is hacker thing and your image opener makes them hack you get rid of it as a image program reads out the image colors at their positions and voila no hacking on to you, and this goes also for your videos,,,
@virtualheadless4764 2 місяці тому
Hey what happen if user is offline and then open the file and deleted in offline mode by finding nothing on file Can still we have access
@shadowsalah1484 Місяць тому
the backdoor wouldn't be activated at that moment since the file couldn't establish a connection to the attacker's server or execute any malicious code while offline.but once the friend goes back online, if the backdoored image contains executable code or a script that initiates a connection to the attacker's server, the backdoor could potentially execute its malicious payload.
@zamal7611 Місяць тому
yeah, it's working but windows firewall detected (can u make video for win firewall to avoid malware in image)
@gamingassassin6736 16 днів тому
if you have window defender on will it still download and execute?
@lancemarchetti8673 22 дні тому
Just embed the reversed Base64 of your payload after the 2nd byte in any jpg file. Image parsers will ignore it as Metadata. And your image won't look suspicious. No need for exe renaming tricks.
@Hello-eg8er 17 днів тому
How does this work?
@avx0966 2 місяці тому
Form to input guild Id and server id is not opening
@ComposewithAi Місяць тому
Will it work if I have firewall to block new connection
@technicalmaster-mind 20 днів тому
Thank you
@mihaelkYeah 10 днів тому
This hugely complex security exploit can be easily avoided in any operating system if you just DON'T HIDE EXTENSIONS FOR KNOWN FILE TYPES
@Gaming_And_Creativity 21 день тому
Once the hack is done, I have the information about the victim machine so now my question is will the firewall be closed on the victim machine or is there nothing to do with it...?
@Fevirre 3 дні тому
What's funny if you scan the virus on triage, it can log the bot's token the attacker is using and it can be used to login with a discord bot client and screw up their current operation Basically sending a good dose of karma to the attacker
@cyberguardsolutionsservices 2 місяці тому
Please the renaming can you edit later and modify the exe in the file name?. Thank
@LeftoverAtoms 14 днів тому
Why aren't file extensions enabled by default? It just makes sense...
@user-zi5hp3ih7j Місяць тому
during my intern i was victim on this , the usb is encrypted
@kolawoleoyedokun7250 2 місяці тому
🎉. This is cool. But, how do we bypass windows defender and antivirus being installed on windows target
@lolononojay9010 2 місяці тому
Use a crypter
@fifidurand7421 2 місяці тому
@@lolononojay9010 and where can i find good crypter??
@jainayrogeorge2924 2 місяці тому
@@lolononojay9010any free recommendations???
@winwininnovation8528 2 місяці тому
can you please suggest one or share with me one@@lolononojay9010
@AbubakerMahmoudshangab 26 днів тому
Perfect zsecurity guys
@endremurti 18 днів тому
Any idea for android target setup?
@theremixsong.4712 20 днів тому
When I clicked it then: "Oh no! You have no power here" Operating System: Arch Linux BTW
@daddyserban2038 2 місяці тому
We need a example for how to crack the cctv passwords if they are not default
@BaapLap 24 дні тому
Same here
@LanceEdwinMaligaya 12 днів тому
Will Anti Virus on windows PC detect the backdoor when the user try to download and view it?
@craigdaniels1492 29 днів тому
Won't Windows defender catch this if they click on the image??
@allyouneed4775 2 місяці тому
Sir where is your channel can you please give me the link of your channel
@Celeste_Eira672 2 місяці тому
in my pocket
@ReligionAndMaterialismDebunked 2 місяці тому
Been a while since y'all posted. Shalom. Hehe. :3
@Conecte_Aqui 2 місяці тому
How are you managing to keep your UKposts channel covering hacker issues? I had a channel with several hacker-related topics and UKposts, after I had 200 videos, deleted my channel. How can you keep the videos?
@user-pv6mx4wi5x 2 місяці тому
You forgot to add for educational purposes 😂
@Conecte_Aqui 2 місяці тому
@@user-pv6mx4wi5x I put it in the video description that it was for educational purposes and even then it didn't allow it until a warning at the beginning of the video
@FurqanHun 2 місяці тому
You're not supposed to show everything in video, you shouldn't be showing malicious code on the screen and there shouldn't be a real victim 🚶 there's a grey area in the education section and it's pretty easy to cross over it 🚶 btw you can still send a takeout request to google for that channel even if it's terminated and you'll get permission to download your videos
@archerthepitbull883 25 днів тому
Hii bro can u teach me how to start hacking...
@AzqyYT 16 годин тому
When i open up the script with the foto its says windows cannot find backdoor.exe make sure you typed the name correctly And then try again
@Oracule-bh5vy Місяць тому
injected PIC, its new for you?
@nightwing09x Місяць тому
Taking your course on udemy, thanks!
@easylearning4474 Місяць тому
can you give it to me for free?
@user-kz2sz6bi7b Місяць тому
best Sir, but can u tell me how can we build in pdf file for android, kindly make a video for android and uplaod on channel, please
@kobeJanssen_officieel Місяць тому
after 10 min my discord bot is offline how can i fix it?
@WARSMP-pb1ku 14 днів тому
BROTHER CAN YOU TELL ME HOW I CAN MAKE THAT LIKE DISCORD IF ANYONE DOWNLOAD DISCORD IT AUTO GOES ON STARTUP HOW I CAN SETIT UP WITH THIS SO THIS Exe is opened one time and then it set up to startup
@didyouknowamazingfacts2790 27 днів тому
I'm pretty sure most email providers will pick this up as malicious.
@bhavyanegi6602 20 днів тому
Yea easily, you need to learn by-passing AV and reverse engineering to make it undetectable.
@sgct89 18 днів тому
Please ask them to keep waiting? I have dial up and it said I've got 8 months left until the image is completely downloaded!
@wayofsarthak Місяць тому
Some commands need admin access. How to run those commands? Pls pls tell anyone
@mrblackhat4309 Місяць тому
use sudo
@technicalmaster-mind 20 днів тому
still it may ask admin permission@@mrblackhat4309
@deadlydragonrealm Місяць тому
is it undetectable by defender?
@rimofficialYT 9 днів тому
No
@kingsmith3352 26 днів тому
Still showing my icon only not my executable file😢😢 y pls someone should answer me😢
@owASTA 24 дні тому
i think the cons are the space of the file , it can be spotted
@abdbout Місяць тому
hi ser is it working on phones
@waiphyoaung1107 2 місяці тому
Can kill windows security for this image?
@ENROUTERV3 19 днів тому
Know the difference between steganography and evasion
@ammarc53 2 місяці тому
How do i enable wifi options in virtualbox kali
@protocol1icmp 2 місяці тому
😂😂😂😂😂 nonsense
@M4R479 2 місяці тому
For case you do not trolling us :) ... your windows wifi is provided to your Linux in VB, where is accessed as Ethernet adapter type. You do not need to conf. wifi there :)) ... But you have the options to use Linux as bootable flash disk to avoid virtualization.
@Celeste_Eira672 2 місяці тому
turn on your wifi
@trippythegoat9438 6 днів тому
I tried this but when i tried to change the name and the picture it came with the same error ''ATR not found''
@BM-wl2sn 22 дні тому
Type of file WEBP (.webp) what this?
@bostm8687 Місяць тому
But how can you sent this file. I mean all programs as discord, email… recognize that that is a virus a blocks it?
@technicalmaster-mind 20 днів тому
You'll send zip file with password
@ProfChemeng3 2 місяці тому
Ill try this on you😂
@Nochymusic 2 місяці тому
Teach how to embed a RAT(apk)into am image
@kingsmith3352 26 днів тому
Mine is still showing the .ico extension y😢😢
@defarmer2020 Місяць тому
i get an error message saying windows cannot find backdoor.exe. how can i fixed this?
@moneyman6227 Місяць тому
most likey virus protection make sure to turn off and make exclusion after its made
@Banjara.official 6 днів тому
is it also work in androaid mobile?
@hollycow8171 17 днів тому
any other way other than discord?
@DirkArnez 12 днів тому
.exe is too beginner that i automatically ignore when i enable extension in Windows Explorer. I prefer to have virus in an image file that i cannot complain
@uniqueinsanvlog 2 місяці тому
It's work on mobile as well??
@METAACCOUNTRECOVERYTEAM 2 місяці тому
No it's not working
@Doomslayer151 14 годин тому
Special thanks to do Discord , Github , MS-Windows Charmap for supports DIY malware(not really)
@babyshake9290 Місяць тому
Can I practice on real target computer?
@hipsterop Місяць тому
😂
@KDR911KO 26 днів тому
Well that can be resolved by extraction the file and kill the virus service
@Blackify_live Місяць тому
Thank you for your precious time and knowledge. ❤
@user-bv6ms6ww6b 8 годин тому
Work on phone?
@jageshnaidoo5588 14 днів тому
What is the useful app to avoid hackers?
@blackanonymous 15 днів тому
yoooo thanks so much
@boh70326 2 місяці тому
Does it work on android and iPhone too ?
@MisterEpsilon 2 місяці тому
no.
@hollycow8171 17 днів тому
We did this in 2006 😜 Easy to track keystrokes, screenshots, and more.
@avx0966 2 місяці тому
Its builder.exe , its it dade to download?? I download but ehen i double click on builder . Form doesn't pop up for seriver id ,guild id etc
@sus-rh6tw 2 дні тому
me with image extensions turned on:
@hazratumeriit5374 2 місяці тому
I think you are the brother of zahid sabih
@cocococodrilo 2 місяці тому
As usual this kind of video don't make sense as Windows defender will stop the program before executing ....
@lolononojay9010 2 місяці тому
Use a crypter
@choco-yt 2 місяці тому
@@lolononojay9010how
@naseertarar7309 2 місяці тому
which crypter should we use? @@lolononojay9010
@kazgaming6571 11 днів тому
5:43
@shaulplays 18 днів тому
Flipkart is very scandalous
@hermano_adam Місяць тому
but when i want to copie the bot token they say entre the password what is the password plllls
@SirLizardo 29 днів тому
its your discord password
@KDR911KO 26 днів тому
Is linux not feeling well does it need a vaccine
@ENROUTERV3 19 днів тому
Yo this linode can people name 5 users who use it?
@mekithuat9832 7 днів тому
I can't use any commands like !help. Help me please
@7kSmoke Місяць тому
the bot doesnt works idk why
@mudassarmuhammad776 25 днів тому
How to remove it from the machine ???? this should also be told in the video....
@jonda_mc 25 днів тому
Just make new one
@KDR911KO 26 днів тому
It's called steganography
Мелодрама твоей души
Переглядів 1,8 млн
УКРАИНА СЕГОДНЯ - ГРОШІ
Переглядів 665 тис.