A problem I've run into several times over the year, is that a small programI've written relies on another outside file. Maybe it needs to include animage, or maybe it relies on another small executable. It's a pain to deploymultiple files in these cases. I'd like everything nicely wrapped up intoone executable.
So how do you embed a file into an executable?
Many years ago I wrote a small utility that takes a binary file for input. Itthen hex-encodes the file and outputs C code. The C code is an array which isinitialized with the file's contents.
Now victim will download the zip file and click on the sales.jpg. When victim will click on sales.jpg, we will get a meterpreter session at the background on Metasploit framework. Author: Aarti Singh is a Researcher and Technical Writer at Hacking Articles an Information Security Consultant Social Media Lover and Gadgets. This example image's embedded internal file-path = 'resources/eXeBagMan.jpg' this example image's exported external file-path = 'eXeBagMan.jpg' In this example the image's base filename of 'eXeBagMan.jpg' happens to be identical to that which was initially embedded, but this might not always be the case. You can just embed the.exe in the assembly as a byte array which is accessible as a property. Two steps to get it and save it to disk, instead of the monstrosity with magic strings you've suggested. Here's a page on how to create strongly typed resources in VS. – user1228 Aug 17 '10 at 12:40.
I just dug this program up to use it yet again, and I've decided that it'd benice to share it.
The code is short, so here it is:
I've also posted it to Github under the name hexembed.
Code Explanation
Hopefully the code is pretty self-explanatory. It first takes the filename asan argument. It opens the file, uses ftell
to find the file size, then reads theentire file into memory. The last step is to loop through the file's data andwrite out the C array initializer.
Usage
It's pretty easy to use. First build it with any C compiler. It's ANSI C, so itshould run on any OS.
Then run it on the file you would like to embed. Pipe the output into a .c
file that you can include with your program.
Now you can simply #include 'some_file.c'
in your C or C++ program and yourprogram will have access to some_file.jpg
.
I think this works really well for some applications. It's great when you havea small file that doesn't change much. In effect, that file becomes part ofyour source code. Another benefit is that the end result is veryportable. It'll work with any compiler on any OS.
I love writing code that I know will still compile 10 years from now withoutproblems.
I didn't know this when I wrote my program (which only took a few minutesanyway), but apparently xxd
can already do this. You run it with the -i
flag to 'output in C include file style.'
Here's the Wikipedia page for xxd.
Of course if you have many files you may find this setup tedious. Or if youhave really big files this may not be the best solution. You probably don't wantto feed a 10MB array initializer into your compiler. In that case there areother options.
One alternative is to use your linker to embed a binary blob directly into yourexecutable. For example:
Because the data is linked directly into your executable, my_program.c
mightaccess it like this:
The symbol names may differ. You can find them with objdump -t some_file.o
.
The biggest drawback to this method is that you're relying on special featuresof your toolset. So if you need to change compilers in the future, you'reprobably going to have a hard time.
Embed Exe In Jpg Files
Like this post? Consider following me onTwitter or following me onGithub. Don't forget to subscribe to my feed.
What is Steganography ?
Steganography is the art and science of hiding information by embedding messages within other, seemingly harmless images or other types of media
Steganography has become increasingly popular in the past years , majorily in hacking communities where it is extensively being used for hiding the executables within the image file . In the following tutorial I will show you how easy it is to hide an executable within an Image file .
Here is a Noob Friendly tutorial on Steganography that explains how to hide exe within the Jpeg .
1. Save the picture of choice to your desktop.
2. Make a new .rar or .zip folder on your desktop.
3. Add the files you want to hide into the .zip or .rar
4. Click start menu, run, cmd.
5. In Command Prompt type cd “desktop” with the quotation marks.
6. Now type in
( If you use .zip then: copy /b picturename.jpg + foldername.zip outputfilename.jpg)
7. Now there should be the outputed file name with a .jpg extension on the desktop.
( Do not close Command Prompt just yet )
8. Double click it to open the picture and check it out.
9. When your done looking, and want to view the hidden files
Embed Exe In Jpg Viewer
Hide exe within the Jpeg
That easy it is to hide a executable malware within the Jpeg file .
This tutorial is only for educational purposes and not to be used to cause any damage to anyone .