@@The_Wafool "hacking" is not the same as "stealing people's data and damaging property". So no, hacking is not illegal. What is illegal is using means of hacking to commit actual crimes like stealing, harassing, damaging property, etc. In the same way that teaching people how to pick locks is not illegal either. Though, in many situations, people may state that "hacking" IS "stealing data" as an over simplification of the word. This over simplification causes confusion and makes people think that Hacking is (and can only be) the act of breaking security for the purpose of stealing (and other crimes), but you can hack without causing damage to anyone. Hacking is simply the act of bypassing of security measures, or breaking some other system to gain access or priveledges. But if you have been given permission by the right people to have such access or priveledges, then it's not illegal. And spreading awareness of computer security flaws, like how @ebolaman_ has done here, helps everyone to know how to protect themselves against these exploits. If this was not shown here, it will still be shown in other places where actual criminals hang out. Showing these security flaws can even lead to an eventual patch of the flaws. So keeping this information secret can be more dangerous to everyone.
@@Yazan_Majdalawiit will, but who looks at that In fact many scammers will just name it "pic.png.scr" and hope that the victim has the "hide known file extensions" option enabled, because it's still the default on Windows lmao
this is old one, if you do this, even Window Defender can catch this, it automatically consider the file as a trojan even when it's not harmful (test file)
It's useful to know how they work. You can learn some interesting code too, help to defend people against malware and learn how to remove the persistent back doors. Just don't get hit by a crypto locker.
.scr is an shortcut for screensaver executables. It's exactly the same as normal executables, but isn't .exe. EDIT: Also, it's better to change the shortcut executable to "cmd.exe /c .\image.png", because when you leave the full path (c:\users\boris\...), it only supports your location of the folder with your username. But still, good video.
Good video. Knowing how to do dangerous things helps in defending against them. For example, to defend yourself against this, use a custom system icon pack and disable thumbnails. No antivirus needed or keeping your eyes peeled for extensions. Also, your default icons look cooler.
Doesn't help if you're a high value target, the real trick is to know Windows screensavers are autoran executables, and to check the file type. Or use Unix because NT has one of the most comprehensive filesystem permission systems ever that doesn't have execute as an attribute.
You can also just have file extensions visible by default. But the more steps you take, the safer you'll be. The scary part is that these changes only help you if you know what you're looking for. Imagine the normal user...
RLO is already detected by most AV's .scr is also detected by most AV's now and will be stopped by WD smart screen. the .lnk method works but will be caught by behavior dynamic analysis which most AV's have. double masquerade extensions will also be caught and stopped by smartscreen.
The fact that Windows lets you use the RLO in filenames and it actually works is crazy. They didn't think at all about how this could be used, or they did but didn't care. There should be some kind of indication of every type of character in a filename, be that a color change on reversed text or whatever.
the RLO method doesn't work after uploading a file to 99.9% of file hosts online. you shouldn't be scared. if you're skeptical, you can always just right click and check the properties
@@pinguluk1 no that’s not possible because of how discord works. When you send an image, discord harvests that information and displays the image, more or less like a middleman, in other words it’s literally just an image, you can’t hide executables in it.
@@pinguluk1 yeah there somewhat was. for others in the replies: .WebP (note; webp wasn't the only thing that was exploited nor was it only discord related but its the one with most information.)
@@infectieonUploaded images with machine code execution will get rejected because they're not REALLY images; The headers and offsets are wildly different and be considered corrupt or invalid. You only need to worry about fake 'images' stored directly on your file system, and make sure not to run them.
Also the reversed text trick used to spoof the file format works only on explorer and a gew other programs, in the most of apps this trick won't work and the original file format will be shown
I'm like a lot of people here I'm like a lot of people here who are really scared if youtube bans you. Your knowledge is amazingwho are really scared if youtube bans you.
the RLO trick is not gonna work since even Window Defender can catch this, it automatically consider the file as a trojan even when it's not harmful (test file)
Yeah this isn't actually a danger to anyone. The only reason windows isn't freaking out about the file is because it was made on his computer. If you were to upload that to the Internet and try running it on another computer it'd get instantly sent to the shadow realm by even the worst of anti viruses
@@ILoveTinfoilHats I tried making my own, and Windows Defender successfully stopped it from executing. Maybe the video uploader disabled Defender for the sake of the demonstration?
? It doesnt have to have an educational use, he's educating on a subject, which makes the video educational. Whether that be if you were educated on how to infect other peoples machines or to better protect against having your own machine infected, this video was by definition educational as it taught something
the RLO method doesn't work after uploading a file to 99.9% of file hosts online. you shouldn't be scared. if you're skeptical, you can always just right click and check the properties
Why not just make the shortcut point to the hidden webhook.exe file instead? If they're looking at the properties in any case, they'll see that it points to an .exe and not an image 😅
@@beamsandshits your channel is literally roblox exploits, why you bein a kid instead of doing real sh*t? No need to get mad but if you're into cyber do it all the way and not like a clown
@@Dino-zg2vx when youre renaming the file just right click on the file name and it should give you those options. he literally told you to pay attention
this is why i avoid windows at all costs; over here on linux, you need the executable permission/flag set if you want a file opening to result in it running code
@@Bo0mber "painful to use" clearly you havent used windows with it's painful constant crashes & all around instability "vulnerabilities" true, however let's not pretend windows doesnt have the same ones + a bunch of phishing ones - this video essentially describes a text-rendering bug allowing you to perform a phishing attack, something that i would like to see happen on linux tricking users into opening an "image" is way easier than any phishing attack that relies on literally anything on a modern, up-to-date linux system ever will be also, since we're now comparing actual vulnerabilities, i can still load genshin's kernel mode driver for free kernelspace privilege escalation on a system which never had genshin installed - it's still trusted by windows :) microsoft doesn't give too much of a fuck about fixing legitimate vulnerabilities, linux kernel & other critical-inifra developers usually do.
to clarify: the text-rendering bug is only a bug due to it's possible use-cases; I get the use for an RLO, it's just considered a bug due to it being abusable in this specific context.
@@HeyVSauce saying I haven't used windows is so ridiculous I don't think you believe it either. As far as stability goes, from my quite limited experience with ubuntu, I can say it is way less stable and usually when you try to make something work in linux it takes several hours of recearch, whereas in windows it just works right away. I also don't remember the last time I've seen something crash, maybe it is because my computer isn't 20 years old? As for vulnerabilities, I'm not arguing about how many there are in each os, I'm just saying it's quite dumb to pick an os based on this factor when "preffered" os isn't even free from them
@@Bo0mber ubuntu is maintained by canonical, a company not known for anything except being idiotic amongst the linux community. when I run windows for testing shit, I'm running on like 2-3 year old hardware, and the amount of random crashes I get when doing the simplest of things is insane - sure, it won't just crash when opening notepad, but it is a very unstable operating system. even just the APIs it provides to usermode applications cannot stay stable for 0.3ms
webhook.exe is just a placeholder (so i dont get banned), you can use the methods in this video with a token logger, rat, etc
very *Educational Purposes
you do realize computer hacking is very illegal
have how send the code of the weehook.exe
@@The_Wafool "hacking" is not the same as "stealing people's data and damaging property". So no, hacking is not illegal. What is illegal is using means of hacking to commit actual crimes like stealing, harassing, damaging property, etc. In the same way that teaching people how to pick locks is not illegal either.
Though, in many situations, people may state that "hacking" IS "stealing data" as an over simplification of the word. This over simplification causes confusion and makes people think that Hacking is (and can only be) the act of breaking security for the purpose of stealing (and other crimes), but you can hack without causing damage to anyone. Hacking is simply the act of bypassing of security measures, or breaking some other system to gain access or priveledges. But if you have been given permission by the right people to have such access or priveledges, then it's not illegal.
And spreading awareness of computer security flaws, like how @ebolaman_ has done here, helps everyone to know how to protect themselves against these exploits. If this was not shown here, it will still be shown in other places where actual criminals hang out. Showing these security flaws can even lead to an eventual patch of the flaws. So keeping this information secret can be more dangerous to everyone.
@@The_Wafoolno way, its very much legal man what are you talking about?
Educational purposes is pretty much the universal dev excuse now
I guess it is the same for nudity counting as art.
@@F1L337t w i t c h
Not really, he showed us how is it made so now we're aware how to be careful in case of sus file
it is educational init
I have soo many *educational purpose* ideas!!!🤣🤣
That right to left override character in the filename was absolutely devious
But I think the extension in the properties menu would still be the right one
@@Yazan_Majdalawiit will, but who looks at that
In fact many scammers will just name it "pic.png.scr" and hope that the victim has the "hide known file extensions" option enabled, because it's still the default on Windows lmao
@@Archimedes.5000man.. Windows. I'd be on Linux still if devs supported their stuff on it more
the phrase educational purposes only is the one thing keeping this channel from not being cancalled
He hasnt done anything illegal.
Y can hide virus by this method @@MAGNETO-i1i
It's not like he is going to distribute any zero day exploit through youtube video.
@@MAGNETO-i1iyeah, nothing legal. It's like watching hentai knowing all characters are over 18
The RLO trick is actually something I didn't know even as a CS student, thanks!
this is old one, if you do this, even Window Defender can catch this, it automatically consider the file as a trojan even when it's not harmful (test file)
@@catorlife can confirm, it's been like this for a while now
The name will go back to it's original form once you upload it somewhere, so not useful even if the target has no antivirus
there are file managers that separate extension from rest of name like double commander
Wow even as a CS student ? Xdd
malware tutorial 😭
thatts his whole channel
lol
@niikolehmainen Real.
@koolehmainen sure but I'm on Linux so idk if it'll work the same
It's useful to know how they work. You can learn some interesting code too, help to defend people against malware and learn how to remove the persistent back doors. Just don't get hit by a crypto locker.
.scr is an shortcut for screensaver executables. It's exactly the same as normal executables, but isn't .exe.
EDIT: Also, it's better to change the shortcut executable to "cmd.exe /c .\image.png", because when you leave the full path (c:\users\boris\...), it only supports your location of the folder with your username. But still, good video.
True but you're sending it to someone else anyways
Wtf .scr is 'script' not 'screenshare'
@@андрей_свиридов it's Screensaver
@@андрей_свиридовeveryone is wrong it’s screen saver😂
@@Meletion1 yeah, that too. I have bubbles.scr installed as my Win11 screensaver :)
educational purpose only. Enjoy 💀
Good video. Knowing how to do dangerous things helps in defending against them. For example, to defend yourself against this, use a custom system icon pack and disable thumbnails. No antivirus needed or keeping your eyes peeled for extensions. Also, your default icons look cooler.
Could you tell that how do you switch to a custom system pack and disable thumbnails
@@Cryptocurrency69 ask Google
@@Cryptocurrency69 Both answers depend on your operating system. You'll have to ask mama Google.
Doesn't help if you're a high value target, the real trick is to know Windows screensavers are autoran executables, and to check the file type. Or use Unix because NT has one of the most comprehensive filesystem permission systems ever that doesn't have execute as an attribute.
You can also just have file extensions visible by default. But the more steps you take, the safer you'll be. The scary part is that these changes only help you if you know what you're looking for. Imagine the normal user...
Bro you literally got the the info i was finding for 2 years
I was tryna find this for so long and this was here the whole time????
frr
The question is whether windows defender detects it as malicious? Or does it depends upton the the exe that is being executed.
Shit I was doing 25 years ago
@@xodzphone I was doing it 50 years ago
Damn its very rare that i find interesting channels ln RUclips
instructions unclear:
Im in the prison cell and re-watching this video
this is very improtant not for scamming but for being aware so its very important also this teaches u that the best antivirus is you
Its just wow 🤯
So nicely explained straight to the point!
bro's channel is surviving with the educational purposes excuse
:)))))))))))))))))
RLO is already detected by most AV's
.scr is also detected by most AV's now and will be stopped by WD smart screen.
the .lnk method works but will be caught by behavior dynamic analysis which most AV's have.
double masquerade extensions will also be caught and stopped by smartscreen.
Is Windows Defender included in "most AV's"?
@@phir9255probably yeah wd is the most annoying av because it just does to much I don't have it because it even blocks my work
@@phir9255windows defender is an AV (anti-virus software) preloaded with the windows OS
@@phir9255likely
@@phir9255 considering windows defender is default installed on all windows operating system, then yes it would be considered part of “Most AV’s”
You can embed code inside an LNK file, and have the link file run it, so you could also fit an image inside an LNK and do it that way!
i admit. i have been pwned by this in the past. it's such a good method
mixing this with being able to view other desktops and holy hell you're goated
The fact that Windows lets you use the RLO in filenames and it actually works is crazy. They didn't think at all about how this could be used, or they did but didn't care. There should be some kind of indication of every type of character in a filename, be that a color change on reversed text or whatever.
What about Arabs and Asians, millions would be pissed about having to type their filenames in reverse
This is scary simple. I don't know if I am suppose to be scared or surprised.
you can check the file extension and size when downloading files
both
Have you watched the entire video? because it can look like a png or whatever file and still run as a cmd. @@kamimatsuyama
the RLO method doesn't work after uploading a file to 99.9% of file hosts online. you shouldn't be scared. if you're skeptical, you can always just right click and check the properties
bro is helping the scammers😭
Slick demonstration man! It was fun to finally know how do they do this
Thanks to you, now malware creators will make the fake pngs
Cant wait to use this for educational perpousus only!
I remember this video
The amount of people who think that clicking the image sent on discord will execute it is hilarious
Wasn't there an exploit that basically did that?
They just send the embed from a other device once they click the image it’s all a scam
@@pinguluk1 no that’s not possible because of how discord works. When you send an image, discord harvests that information and displays the image, more or less like a middleman, in other words it’s literally just an image, you can’t hide executables in it.
thats why you only look at the embed
@@pinguluk1 yeah there somewhat was. for others in the replies: .WebP (note; webp wasn't the only thing that was exploited nor was it only discord related but its the one with most information.)
Now I'm scared for images. Luckily I'm on linux so no exe's, but still scary to think how easy it is to hide the real file extension
So ANY image on discord could be laced like this??? Wtf how do you even stay safe from this? Idk how to work linux
@@infectieonUploaded images with machine code execution will get rejected because they're not REALLY images; The headers and offsets are wildly different and be considered corrupt or invalid. You only need to worry about fake 'images' stored directly on your file system, and make sure not to run them.
Also the reversed text trick used to spoof the file format works only on explorer and a gew other programs, in the most of apps this trick won't work and the original file format will be shown
"linux is free if your time is worthless" proceeds to get hacked by an image
@@CluelessGeekthis was the cause by my change to dual boot windows/linux to just linux 😅
i'm torn over liking this for the educational purpose but also not liking so less people use this maliciously. nice explanation tho, kinda scary
what a legendary mic stand
cool old techniques you covered
yo man, idk from how many days I've been looking for something like this. thanks a lot for this buddy.
So have u been bleto tech virus to Gmail ?
I'll give a huge reward to anyone who can make it
@@guili-p7m i was able to do it. so what u gonna give me?
damn it, the RLO trick is quite surprising, for things like this you just better drag the file to the image editor
why is the hardest part to find the ico image😭
that's really cool! im not interested in doing this but i like the style of your videos and your explanation. Subbed.
I'm like a lot of people here I'm like a lot of people here who are really scared if youtube bans you. Your knowledge is amazingwho are really scared if youtube bans you.
the RLO trick is not gonna work since even Window Defender can catch this, it automatically consider the file as a trojan even when it's not harmful (test file)
Yeah this isn't actually a danger to anyone. The only reason windows isn't freaking out about the file is because it was made on his computer. If you were to upload that to the Internet and try running it on another computer it'd get instantly sent to the shadow realm by even the worst of anti viruses
@@ILoveTinfoilHats I tried making my own, and Windows Defender successfully stopped it from executing. Maybe the video uploader disabled Defender for the sake of the demonstration?
@@Lar_me yes exactly my point, even the crappiest of antivirus programs would catch this low-level bug
def gonna use this for educational purposes
appreciate it man
keep up the good work
First video I see of your channel and you definitely earned a sub. Tbh I don't really see how the "standard users" could not fall for this
This is getting out of hands
Thank you tho
Now I am immensely paranoid of all of those background remover and image downloading websites I have visited in the past! Wonderful!
One day bro is gonna hack the NASA and say that it was only for educational purpose
The best Explanation❤
you should show people how to detect these files
Do you still see a shortcut thing? Yes. It’s not perfect, but that’s pretty good.
Now I'm scared of discord img
Love some good bass boosted Xenogenesis by TheFatRat
thank you for this tutorial ebola man
My man earned a subscriber
fun fact: there is no educational use for thst
I am taking Cybersecurity as a trade, this is educational to me.
:D
how come? I learnt that Win is still a mess in these days.
? It doesnt have to have an educational use, he's educating on a subject, which makes the video educational.
Whether that be if you were educated on how to infect other peoples machines or to better protect against having your own machine infected, this video was by definition educational as it taught something
@@Noahitis that comment was from 5 months ago...
@@MiguelWilson0 people comment on my stuff from 6 years ago, it doesn't change the validity of what I just said
i love this man
Man i remember doing this in like 2001
Old person.
I wasn't even born yet lmao. You're awesome 😎💯
Yes thats what i says its too old 😂😂
That grassy hill image was taken in Sonoma County, California, where I grew up.
so if you open an image and it opens it doesn't necessarily mean that it is not a virus.. great job microsoft
this is insane, I better be careful with downloaded images from now on 💀
Same here
Same here
the RLO method doesn't work after uploading a file to 99.9% of file hosts online. you shouldn't be scared. if you're skeptical, you can always just right click and check the properties
underrated content creator
ok how to avoid it now
don't download anything
I subscribed right at.... you know. The one nobody buys. I totally never bought this program but damn if it doesnt seem to always be activated. Crazy.
but wont Windows diffender block that file if someone trys to download it
Its depends.
If has a malwer blocks it if dont it not
Fantastic video
Insane most of this stuff is just baked into the OS.. Windows really has no regard for user safety
Bro that's insane i really didn't know those techniques before holy shit that's scary
Why not just make the shortcut point to the hidden webhook.exe file instead? If they're looking at the properties in any case, they'll see that it points to an .exe and not an image 😅
I'll give a huge reward to anyone who can make it
This is very interesting. Might use it against scammers
when i do extention spoof #3 the output file is (img name).png.lnk why?
.lnk is the shortcut extension
nice dude, next turorial: how to empty someone bank account (just educational)
Skid material
We don't need more 15 year olds roaming around discord sending malicious files to other kids
i’m literally a professional skid
@@ebolaman_ lol, why not progress deeper tho?
@@htgg9006 what makes you think he hasnt
the only thing skid here is the skidmarks in ur underwear bro
@@beamsandshits your channel is literally roblox exploits, why you bein a kid instead of doing real sh*t? No need to get mad but if you're into cyber do it all the way and not like a clown
technically, you can go deeper with shortcut method without spoiling hidden file but it's gonna be multi-task command for cmd
Hi I noticed that there is no multi-tool video at your place. Could you please share this video on e.g. Google Drive or something else.
github.com/EbolaMan-YT/Multi-Tool
@@ebolaman_ thank you good person!!
Ngl downloading a file from this guy is the last thing I would do
Educational purposes=educating hacksers
can you make a slightly less complicated version?
alr
thanks alot first time a youtuber actually responds to their viewer good job@@ebolaman_
i mean its already simplified enough its not that hard to follow
for me it is@@pyro4888
thanks, now i "educationally" know how to give someone a virus.
hello do you know how to make a hwid spoofer? been watching these videos and tryna make one using the multi tool method as well.
Educational purposes only is the special key to not getting banned
what app did you use to 'short cut' the unicode rlo character?
right click>insert unicode character
@@ebolaman_ he wants to know how youre able to see that unicode thing
@@Dino-zg2vx when youre renaming the file just right click on the file name and it should give you those options. he literally told you to pay attention
@@Dino-zg2vx it's just built into windows
WE ARE MAKING A RAMSOM WARE WITH THIS ONE 🗣️🔥🔥🗣️🗣️🔥🔥🔥🔗🔗🔗
“Ramson”
When uploading it on discord, does it act like an actual png. Also what stubs do you recommend for roblox
idk abt roblox stubs but yeah it only works w discord if u zip it
@@ebolaman_ damn, are there any stubs you'd recommend
@@phsycdelicjs learn c stop being a skid >w
@@omggggggggg-jkyssmalware in C is very annoying to make
@@phsycdelicwhy u wanna beam so bad😂😂😂
Thats why I always use the “show file extension names” option
doesnt save you buddy
how does the webhook exe work
Discord bot
it sends post request to an url
bro is a prodigy
what about doing it by adding the executable to the shortcut as an alternate data stream so you only need to download one file
You will have to go into the registry to show the file extension but since the file extension for a shortcut is .lnk, it would seem really suspicious
Thank you ebola man
this is why i avoid windows at all costs; over here on linux, you need the executable permission/flag set if you want a file opening to result in it running code
Don't pretend that linux doesn't have a shit ton of other vulnerabilities. And I'm not even talking about how painful it is to use
@@Bo0mber
"painful to use" clearly you havent used windows with it's painful constant crashes & all around instability
"vulnerabilities" true, however let's not pretend windows doesnt have the same ones + a bunch of phishing ones - this video essentially describes a text-rendering bug allowing you to perform a phishing attack, something that i would like to see happen on linux
tricking users into opening an "image" is way easier than any phishing attack that relies on literally anything on a modern, up-to-date linux system ever will be
also, since we're now comparing actual vulnerabilities, i can still load genshin's kernel mode driver for free kernelspace privilege escalation on a system which never had genshin installed - it's still trusted by windows :)
microsoft doesn't give too much of a fuck about fixing legitimate vulnerabilities, linux kernel & other critical-inifra developers usually do.
to clarify: the text-rendering bug is only a bug due to it's possible use-cases; I get the use for an RLO, it's just considered a bug due to it being abusable in this specific context.
@@HeyVSauce saying I haven't used windows is so ridiculous I don't think you believe it either. As far as stability goes, from my quite limited experience with ubuntu, I can say it is way less stable and usually when you try to make something work in linux it takes several hours of recearch, whereas in windows it just works right away. I also don't remember the last time I've seen something crash, maybe it is because my computer isn't 20 years old?
As for vulnerabilities, I'm not arguing about how many there are in each os, I'm just saying it's quite dumb to pick an os based on this factor when "preffered" os isn't even free from them
@@Bo0mber ubuntu is maintained by canonical, a company not known for anything except being idiotic amongst the linux community.
when I run windows for testing shit, I'm running on like 2-3 year old hardware, and the amount of random crashes I get when doing the simplest of things is insane - sure, it won't just crash when opening notepad, but it is a very unstable operating system.
even just the APIs it provides to usermode applications cannot stay stable for 0.3ms
Esto podría ser bastante útil algún dia en el sentido "educativo"
Release the code that sends the message to the webhook as well as to the logger.
the code that sends the message to the webhook is an placeholder for a token logger
C# ? C++ ? Python ?
c#@@KyuDoesCode
Look for it on google
Keep it up man! That's awesome
you can literally teach people how to obtain interesting substances and add "educational purposes only" and completely pass off youtube
Imagine doing this in school 😭💀
it's very obvious that no one is going to use it in an educational way and they will use it for doxing.
hahahah really? main point you donkey, have a good xmas tho and stay safe
no shit sherlock
I'm impressed by RLO, I didn't know.
THANK YOOU
nppp
casualy doing gods work
what is ur patreon
www.patreon.com/EbolaMan
I know you're saying this is for "educational purposes" but this mainly enables bad actors to do these kinda of stuff
are you dumb...
Ebola man!
Proud to be a thiojoe watcher
I’m literally working on defense against file extensions and file uploads right now… gonna see if spoofed files get through what I wrote.
Ehehehehe
Definitely going into the saved videos
i clicked expecting to see the exe binary turned into tiny black and white squares in a photo and converting that photo back to executable code