Jump to content
Fi8sVrs

File extension exploit!

By Fi8sVrs, in Tutoriale in engleza

Recommended Posts

  • Active Members
Fi8sVrs Rookie

Fi8sVrs

Posted
  • Active Members
Posted (edited)

This is a usefull tut I found, all credits go to Cuddle:

This tutorial will show you how to make your .exe (or .com/.scr) files look like .jpeg/.mp3 or any other filetype! By normally changing the extension to e.g .mp3, will corrupt your file, but with this exploit your file will still be executable!

1. I have my server.exe, but I want it to look like a mp3 file, so people would run it. In this case, you should change the .exe to .scr to make it look more legit in the end.

Now, rename your server.scr (which is still executable) to "songname uploaded by .SCR" (notice the space).

1355d8aac0de527e31eaa477ee7928e8.png

2. Now it's time to use the exploit! Open up the Character Map:

c798211b2cb142dbba73607e44508456.png

Scroll down and find the "U+202E: Right-To-Left Override" character:

3de9765de2bdba8e8dcb54ab503c54f4.png

Click "Select" and then "Copy".

3. Now choose to rename your file, and paste the copied character right before the ".SCR" (press ctrl+v to paste)

1cb7fb8cb3609448bf88a1939f8b5e0a.png

Then type "3pm" (without the " ") and press Enter. Now it should look like this:

39c227c69b6910e0ca6aacffc30cc78d.png

Done! Obviously you might want to change the icon to look like an mp3 before doing this..

A short video can be found here:

- [MediaFire]

- [MultiUpload]

- [

]

(Watch in HD + Fullscreen)

Most browsers have patched this, but it can be used on IM's like MSN or Yahoo Messenger. To upload the file to a filehost, you need to make a .rar file with your server inside.

8c3f0b7fd4d47e1c5349be812a952d28.png

Now go ahead and mix around with .exe/.scr/.com and the fake-extensions to find some other legit-looking combinations!

If you have any questions, feel free to ask! : blackhat:

Also, here's a .pdf explaining the exploit: http://dl.packetstormsecurity.net/papers/general/righttoleften-override.pdf

Those who can't find the character in the default CharMap in windows, do this: (not sure if it works but worth a try)

1. Download BabelMap and run it.

2. Open this picture:

px6.png

- Make sure "Single Font" is ticked and "Arial Unicode MS" is chosen as Font.

- Search for OVERRIDE and click on the RTLO character (row 2020, column E)

- Click on the Select-button

- Click on the Copy button

Also, those who have problems with WinXP and non-english OS versions, take a look at this.

article from r00tw0rm

Edited by Fi8sVrs

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
Go to topic listing
×
×
  • Create New...