This video is genuinely brilliant! It's one of the things I really admire about this field: using standard stuff differently and creatively! Thanks John!
Really great info even for general users who would like to spot these tricks. I always had a funny feeling about LNK files, and examined every one which I downloaded before executing.
I made an implant where target device connects back to c2, I was thinking of an idea to somehow make it more user-friendly for windows users, and here you provided ma lead, thanks brother!
PKZIP (.zip files) will polyglot with almost anything since they put all their header information at the end of the file rather than at the beginning. in fact pretty much all self extracting zip files that exist are extremely-easy-to-create .exe/.zip polyglots. you take a generic exe zip extractor that tries to open itself as a zip file and just concatenate whatever zip file you want.
I had this doubt (can we alter this application) since I accidentally opened a software's shortcut with VS Code and got to see this whole messy binary thing, and thankfully I understand now. So thankyou for this video :)
@@iWhacko yep this. Or even as a standalone with a shortcut to a site, and lolbin download of another payload in the bg. But normally I'd just drop one in an open share of an internal.
I was thinking about someone on RUclips comments, or in a live chat, I forgot where, who said that he/she hates people that talk with their hands. Hahahaha. Seeing you talk with your hands, like I, and many of us do, reminded me of that. I'm part Italian, and Italians are known for talking with their hands. :3 Cheers, brother! Shalom. 🤝😁
It is my unfolded Thanksgiving for your restless and selflessly working for the benefit of needy users like me who founded in the edge of cliff resulting me loose up trust from someone who is presenting youtube videos help fix problems with Google betrayal to privacy, selling users data and irresponsible in stay safe to google account and passwards etc was pushing me to the new" IT and Hacking courses" inorder providing study,, knowledge and skill on how to get out of problems indepently by using my ip adress, google account network,wifi since months ago. This is one of usefully presented video out of what you have share users, especially me from the day of onsets of these problems.
guys i need to know is ai the go to for subnet solving now, like literally is it , and by the way john i hear you mentioning opening the flood gates by learning programming first ,i have books but its so theory based and im a hands on guy can you make a in depth video of your theory
after connected with kali a windows machine, what are the commands i can run for showing data of victim machine, if i start anything that thing opens in victim machine, show how can I use victim's computer
Please help, If I try this with a .lnk file extension with the copy command I get an error saying that the system can not find the file, but if I try it with a .png or any other type file it sees it. PLEASE HELP 6 hours in!!!🤔🥴
I dont see the need for having the .lnk data in the start of the .lnk file, if we are just going to change the target anyway, why not just write a hta file, change the file extention to .lnk and do the same. Wondering if I'm missing something here
To keep things at stealthy as possible and still be functional. A .lnk file will fly under the radar for most users, especially if it looks like it's for an application you have installed. A random .hta file showing up anywhere would raise a few alarm bells or at least a furrowed eyebrow or two. With a .lnk file, you can set the properties of it like icon etc. to obscure its true function even further. A .hta file that's been renamed to a .lnk file will just give an error when someone tries to run it because windows will treat it like a .lnk file.
if it's renamed to .lnk windows will treat it as a link and give you an error because it doesn't know how to interpret the data as a .lnk file. you specify how to run it using mshta.
excuse me Mr. Hammond, i have a question. If you have windows defender running, this lnk "malware" file can bypass it or it will be blocked when executed?
Is this pay what you can training only available in America or something? The lowest you can pay is $295 - I don’t understand why it is called pay what you can, when it isn’t pay what you can at all.
That price is for access to their Cyber Range. You can buy the 16 hour SOC Core course for $25, but you don't get access to their infrastructure nor their labs running on there. Honestly, $295 for access to an industry leader Cyber Range is worth it.
im in europe, if you go through the registration process at the last option you can choose how much to pay. It used to be free, but I think they changed it to 25usd so they get less no-shows, since people who pay nothing don't lose anything by not showing up.
october to end of december is always pretty busy for anyone in cs field. the man can take a break i think. 😂 "cHaNnEl DyInG" naw man thats not gonna happen
This video is genuinely brilliant! It's one of the things I really admire about this field: using standard stuff differently and creatively!
Thanks John!
Research LOLBAS if you liked this :)
Best way to get control
How to use? @@apekatt2007
Really great info even for general users who would like to spot these tricks. I always had a funny feeling about LNK files, and examined every one which I downloaded before executing.
I made an implant where target device connects back to c2, I was thinking of an idea to somehow make it more user-friendly for windows users, and here you provided ma lead, thanks brother!
Very nice video! As a cybersecurity master student, i really enjoy this content. Also, i envy your hair
fun pranks to try in the school computer lab vol. 2
That watch is SOOOOOOOPERRRRR.... DOPE!!
Ive been waiting for this master piece of a video!
many of your videos are mindblowing to me, but you weaponized shortcuts here !!!
This thing is so powerfull. Very nice video!
Windows has a MAX_PATH variable in C that is 256 bytes, therefore, anything taking in a path (even if you /c cmd) will be limited to 256 bytes
0:15 : Interesting....🤔
Are there any other interesting polyglot file format hybrids that exist? Seems like an interesting video series idea
PKZIP (.zip files) will polyglot with almost anything since they put all their header information at the end of the file rather than at the beginning. in fact pretty much all self extracting zip files that exist are extremely-easy-to-create .exe/.zip polyglots. you take a generic exe zip extractor that tries to open itself as a zip file and just concatenate whatever zip file you want.
I had this doubt (can we alter this application) since I accidentally opened a software's shortcut with VS Code and got to see this whole messy binary thing, and thankfully I understand now. So thankyou for this video :)
I remember doing this lnk thing to be able to play diablo 2 in windowed mode by adding a -w at the end :p
Quite informative video, John. Thanks for your hard work!!!
John really appreciate how you take informative information and present it simply and effectively. Love your channel.
sir awesome stuff... please upload more videos about this kind of topic.... seriously awesome....we love you sir❤
Brilliant creativity bro😁😁
Keep Going Up❤❤
really creative solution!
How would you deploy it tho? (Curious as a nontech [IT-ignorant] individual)
post exploitation
@@MoofyYT I realise that. What I was unsure about is whether it's just snooping or also tagging and backdoor -- again, being an nontech individual
@@MoofyYT or even email it in a zip file with other innocent files, and hope the person runs it
@@iWhacko yep this. Or even as a standalone with a shortcut to a site, and lolbin download of another payload in the bg. But normally I'd just drop one in an open share of an internal.
You are on sponsored!
I have been here 5 minutes since the video has been uploaded
Polyglot is a pretty senseless way to call it.. conglomerate? heck, even alloy makes more sense.
thank you John!
Love the out of the box thinking in an easy to follow process
Love your Red Team shirt where can I buy one? I want to get that shirt! Thanks
🍔
I was thinking about someone on RUclips comments, or in a live chat, I forgot where, who said that he/she hates people that talk with their hands. Hahahaha. Seeing you talk with your hands, like I, and many of us do, reminded me of that. I'm part Italian, and Italians are known for talking with their hands. :3 Cheers, brother! Shalom. 🤝😁
Weird, dude
It's boring to look at someone completely motionless talk
Oh wow this is really cool!
It is my unfolded Thanksgiving for your restless and selflessly working for the benefit of needy users like me who founded in the edge of cliff resulting me loose up trust from someone who is presenting youtube videos help fix problems with Google betrayal to privacy, selling users data and irresponsible in stay safe to google account and passwards etc was pushing me to the new" IT and Hacking courses" inorder providing study,, knowledge and skill on how to get out of problems indepently by using my ip adress, google account network,wifi since months ago.
This is one of usefully presented video out of what you have share users, especially me from the day of onsets of these problems.
Thank you, now I see those little fellars with different eyes. 😂
Regular Hackers: Just open this file!
John: Just open google chrome
guys i need to know is ai the go to for subnet solving now, like literally is it , and by the way john i hear you mentioning opening the flood gates by learning programming first ,i have books but its so theory based and im a hands on guy can you make a in depth video of your theory
Can it run calc.exe? Yes, it can! ❤
More malware super good
I was hacked by this same method
Awesome video jhon❤❤ 🇮🇳🇮🇳🇮🇳🇮🇳❤❤
You can't get away with this.
N O I I C E ! ! 👏👏👍🏼👍🏼
THIS IS FIXED BY NOW RIGHT?? I JUST TRIED IT AND IT DOESN'T WORK SO I'M HOPING ITS FIXED AND I'M NOT JUST FUMBLING SOMETHING
nevermind...super bowl mode fumbles
how to make every video fun and intersting ??? it is easy just be john hammond !
Amazed!
i just deleted all my shortcuts.... thanks :)
Too late , lol
Jhon ever with nice content
I Enjoyed ,you are genius I love you thank you very much 🤩😍😍
after connected with kali a windows machine, what are the commands i can run for showing data of victim machine, if i start anything that thing opens in victim machine, show how can I use victim's computer
What a good rat program and where to get?
Goooooooooooooooooooood 🎉
Please help, If I try this with a .lnk file extension with the copy command I get an error saying that the system can not find the file, but if I try it with a .png or any other type file it sees it. PLEASE HELP 6
hours in!!!🤔🥴
INTERESTING!
When you copy that malicious hta file to the exe, it becomes gibberish. Is there any way to extract the hta?
I dont see the need for having the .lnk data in the start of the .lnk file, if we are just going to change the target anyway, why not just write a hta file, change the file extention to .lnk and do the same. Wondering if I'm missing something here
To keep things at stealthy as possible and still be functional. A .lnk file will fly under the radar for most users, especially if it looks like it's for an application you have installed. A random .hta file showing up anywhere would raise a few alarm bells or at least a furrowed eyebrow or two.
With a .lnk file, you can set the properties of it like icon etc. to obscure its true function even further. A .hta file that's been renamed to a .lnk file will just give an error when someone tries to run it because windows will treat it like a .lnk file.
if it's renamed to .lnk windows will treat it as a link and give you an error because it doesn't know how to interpret the data as a .lnk file. you specify how to run it using mshta.
vbscript soon deprecated
but MS just have added full blown python-support into ms-excel , gotta luv MS for adding some additional attack-vectors.
I've followed the instructions to the latter and it doesn't seem to work on the reverse shell part
@@MADhatter_AIMdoest the python run on their servers, and only available for paying people
Very nice
so if .ink extension is a doubftul file meaning can it be mwalre bro
can you embed with .pdf file ?
Interesting!!!
i made a shortcut to run a bat that would run a powershell script that would run a script embedded in a image
Early crew. :3
excuse me Mr. Hammond, i have a question. If you have windows defender running, this lnk "malware" file can bypass it or it will be blocked when executed?
it can run, but depending on the script it might be detected. the standard metasploit payload will most likely be detected.
Now defender is detected ink shortcut to run any comments,...
i enjoy it
You should help Ukraine with your cyber skills! I learned some of my most advanced skills here
8 minutes I’m in.
Nice! :)
plss help me my microsoft account is hacked plss reply
Creative tutorial
Eh
Yooo
Hi
Is this pay what you can training only available in America or something? The lowest you can pay is $295 - I don’t understand why it is called pay what you can, when it isn’t pay what you can at all.
Did you click on the course and actually go through until you choose a payment option?
That price is for access to their Cyber Range. You can buy the 16 hour SOC Core course for $25, but you don't get access to their infrastructure nor their labs running on there. Honestly, $295 for access to an industry leader Cyber Range is worth it.
@@xCheddarB0b42x His point was that the slogan is misleading, not that it is expensive
im in europe, if you go through the registration process at the last option you can choose how much to pay. It used to be free, but I think they changed it to 25usd so they get less no-shows, since people who pay nothing don't lose anything by not showing up.
@@apekatt2007 it's not, though
very cool shit ;)
wtf how
Sir can you help me to get back my money i got scam
Nice, kinda cringe seeing this here, but nice
12th comment
I'm first ❤😂
you lost me a little😅
first
32nd
third
I’ll pay u 1000$ if u can code me a program that force ops on a Minecraft server lol
lmao, who tf even uses desktop shortcutes when you can just WindowsKey search every program? Or just pin it to the taskbar LOL
ur channels dying :(
@@lumikarhuhuh really? isn't John supposed to be a well respected member of the ethical hacking community? or at lest on youtube?
october to end of december is always pretty busy for anyone in cs field. the man can take a break i think. 😂 "cHaNnEl DyInG" naw man thats not gonna happen
What is the other content creator@@lumikarhu
Talking much and actually doing less 😂
U can talk about a userland rootkit named r77 rootkit in windows,it is fileless rootkit
Hello guys I went to support me l. Software open , file type "pksz "