Fi8sVrs

Trojanizer - Trojanize your payload - WinRAR (SFX) automatization - under Linux distros

TROJANIZER

Version release : v1.1 (Stable)
Author : pedro ubuntu  [ r00t-3xp10it ]
Codename: Troia_Revisited
Distros Supported : Ubuntu, Kali, Mint, Parrot OS
Suspicious-Shell-Activity (SSA) RedTeam develop @2017

FRAMEWORK DESCRIPTION

The Trojanizer tool uses WinRAR (SFX) to compress the two files supplied by the user into a self-extracting (SFX) executable (.exe) archive. When executed, the SFX archive runs both files (our payload and the legit application) at the same time.

 

To make the archive less suspicious to the target at execution time, Trojanizer will try to replace the default icon (.ico) of the SFX file with a user-selected one, and suppress all SFX archive sandbox messages (Silent=1 | Overwrite=1).

 

'Trojanizer will not build trojans, but from target perspective, it replicates the trojan behavior'
(execute the payload in background, while the legit application executes in foreground).

 

DEPENDENCIES (backend applications)

Zenity (bash-GUIs) | Wine (x86|x64) | WinRAR.exe (installed-in-wine)
"Trojanizer.sh will download/install all dependencies as they are needed"
╔────────────────────────────────────────────────────────────────────────────────────────────╗
|        It is recommended to edit and config the option: SYSTEM_ARCH=[ your_sys_arch ]      |
|        in the 'settings' file before attempting to run the tool for the first time.        |
╚────────────────────────────────────────────────────────────────────────────────────────────╝

PAYLOADS (agents) ACCEPTED

.exe | .bat | .vbs | .ps1
"All payloads that windows/SFX can auto-extract-execute"

HINT: If 'SINGLE_EXEC=ON' is selected in the settings file, then Trojanizer will accept any kind of extension as input.

 

LEGIT APPLICATIONS ACCEPTED (decoys)

.exe | .bat | .vbs | .ps1 | .jpg | .bmp | .doc | .ppt | etc ..
"All applications that windows/SFX can auto-extract-execute"

 

Video Tutorials

 

Trojanizer - AVG anti-virus fake installer (trojan behavior)

 

 

Trojanizer - single_file_execution (not trojan behavior)

 

Download/Install

1º - Download framework from github
     git clone https://github.com/r00t-3xp10it/trojanizer.git

2º - Set file execution permissions
     cd trojanizer
     sudo chmod +x *.sh

3º - Configure the framework
     nano settings

4º - Run main tool
     sudo ./Trojanizer.sh

 

Source
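
For defenders triaging a suspicious SFX file, the silent, two-program behaviour described in the framework description shows up in the archive's SFX script comment. The following is an added example, not part of the original post or the Trojanizer project: it assumes the comment text has already been extracted from the sample and uses the documented WinRAR SFX commands `Setup`, `Silent` and `Overwrite`; the function names and both sample comments are constructed for illustration.

```python
import ntpath
import re

SCRIPT_EXT = (".bat", ".vbs", ".ps1")  # script payload types listed in the post

def parse_sfx_script(comment):
    """Parse SFX script text into {command_name_lowercase: [values]}."""
    cmds = {}
    for raw in comment.splitlines():
        line = raw.strip()
        if not line or line.startswith(";"):  # blank or ';' comment line
            continue
        name, _, value = line.partition("=")  # bare keywords get value ""
        cmds.setdefault(name.strip().lower(), []).append(value.strip())
    return cmds

def setup_ext(value):
    """Lower-cased extension of the program a Setup= value launches."""
    m = re.match(r'"([^"]+)"|(\S+)', value)  # quoted path or first token
    target = (m.group(1) or m.group(2)) if m else ""
    return ntpath.splitext(target)[1].lower()

def triage(comment):
    """Return the list of findings for one SFX script comment."""
    c = parse_sfx_script(comment)
    setups = c.get("setup", [])
    findings = []
    if "1" in c.get("silent", []):
        findings.append("silent-extraction")
    if "1" in c.get("overwrite", []):
        findings.append("overwrite-without-prompt")
    if len(setups) >= 2:
        findings.append("multiple-setup-programs")
    if any(setup_ext(s) in SCRIPT_EXT for s in setups):
        findings.append("script-launched-by-setup")
    return findings

def is_suspicious(comment):
    """Silent extraction combined with two or more launched programs."""
    f = triage(comment)
    return "silent-extraction" in f and "multiple-setup-programs" in f

# Constructed sample comments (not taken from any real archive).
SUSPECT = ";The comment below contains SFX script commands\n\nSetup=agent.bat\nSetup=installer.exe\nSilent=1\nOverwrite=1\n"
BENIGN = ";The comment below contains SFX script commands\n\nSetup=setup.exe\nTitle=ExampleApp 1.0 Setup\n"

if __name__ == "__main__":
    for name, text in (("suspect", SUSPECT), ("benign", BENIGN)):
        print(name, is_suspicious(text), triage(text))
```

Legitimate silent installers also set `Silent=1`, so the findings are triage signals to combine with icon mismatch and file reputation rather than a verdict on their own.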
