Create a Reverse Shell Using a Fake MP4 File [Tutorial] 

Yeah I was confused by that as well.

Now there's a follow up video idea! Any takers? (If it were applicable, Microsoft will of already patched it)

Actually it doesn't work that easy. If you copy a link, which is what this is, to another computer, it will ask you if you want to trust it before running it. All he is doing here is click baiting you and others to his RU-vid video. It looks like he zipped the "fake" file on his virtual computer, because ALL links made in this fashion will ask you if you trust it for the FIRST run on THAT computer. It will NOT just run as he has shown. You copy it to a new computer, if it copies at all, because it is often refuses, and you have to allow it to be copied, and on the new computer it will ask for permission again, when run for the first time. There is something fishy going on here that he isn't telling you. Windoze is easier. Have a batch file run something and load your payload into the directory that runs things when Windoze is booted. I once turned a screen upside down using this method. It took him an hour to fix it.

@@lesliesavage9229 ay bro can you explain more indepth on this?

@@lesliesavage9229 can we talk more u seem knowledgeable and i’m trying to learn

@@revelingg I am talking about two different things, so I am not sure what you are asking. I just set it up again just for you on two Linux operating systems, and it still doesn't work. How many ways can this be explained that it will not work over the net on Linux Mint? He is dead at the link, and he needs one computer to be open to the net, which he never covers. He needs access to the target computer, which he doesn't have to set up netcat, and know which ports are open. It doesn't even work locally, which is all of his demonstration. He isn't showing something, because even links don't work like in this video. The first time you open a link it asks for permission, and his never does, he is lying by omission or using an outdated version of Linux Mint. No other way to put it.

Maat wat doe jij?

🤣🤣🤣

too bad, now he's gonna hack you

yo buddy

Even blinked with just one eye a couple of times

Its the ip of the linux vm

​@@sluvvr That does not make a lot of sense to me. The netcat listener is running outside of the vm, the code that is shown on 4:44 is running inside the vm. So that would mean that the vm is connecting to itself, which it isn't. He also said "change this ip address to .162 as well", but he never set anything else to .162

@@thepianoaddictHe did it right, he set the IP X.X.X.162 for netcat to connect to the target && he got connected coz the VM is running on bridged mode.

@@abhishekrajput9434 "he set the IP X.X.X.162 for netcat to connect to the target" Yes, so he did it wrong, because the code is run on the target. I makes no sense to let the target connect to itself. "he got connected coz the VM is running on bridged mode." That would explain why it still works even though he didn't do it right.

​@@thepianoaddict That's what a reverse shell does? It connects FROM the target TO the host.

I agree, this heavily falls under social engineering. Hell, you could even send someone a straight sh script, if they believe you're tech support.

Why don't you make a video about that

Totally agreed Cyber Cat, when I was watching this video i felt like this guy was talking out of the context, which doesn't even match with the subject of this video, the explanation is not upto the mark, secondly, when you are explaining anything, explain the important points and don't stretch it more by talking some useless things which are not even closer to the actual subject, idea is good though, 👍

nano virgin

I like vim and Gedit

Even if you didn't display file size in the FM, chances are whatever method was used to get the file in the first place would show it's size as well- probably even multiple times (once in the e-mail before downloading, then again in the download progress). For that matter the speed of the download would also be an indicator as well. However perhaps most importantly, I presume that junk space can be added to the file to make it appear the proper size. So it would not be a reliable method of detection. I think that the main flaw (which is quite minor) is that there will be major lag between running the file and the video playing. I think that the video doesn't stream, so it would download in full before playing, no? He did say "stream" once though so maybe I'm mistaken.

Maybe putting a . before it's name might work... As it will become hidden like the .ssh folder...

I'm not sure if you watched the video? From what I understand you're asking how to hide a file that doesn't need to be there in the first place. One only needs to send the fake file, not the video file.

@@MsHojat No, because the fake_video file just executes its code and then runs the real_video file. the video isn't embedded into the file

@@kylo8846 no it streams the video online, hence the python server

surprised so many others didnt notice🤦‍♂️👍

You can do port forwarding to seem like you're in the same network as the target, that's how backdoors work don't they?

@@prakharmishra3000 😂😂 I’ll give you points for effort but it’s not exactly right

@@PotaytoDestroyer well I don't know much about networking, can you explain why?

@@prakharmishra3000 rtfm...

Good point! Including that was my mistake

Oh, yeah

I mean you could use a domain and the server behind it.

Of course, the commands are completely seperate. you can in fact even change everything in there as they are just batch commands

Wait till you get to the netcat part and that doesn't work either because you have the firewall up.

Yo

yes i am also he save file name .desktop and he got mp4 file 7:05 i think they make fool of us XD :(

I'm pretty sure it was automatically done by the file manager using the metadata when it unzipped the file, which is probably why this exploit only works with specific file managers

Desktop files are links in Linux. The first time you run them, which he didn't show you, it gets rid of the .desktop extension, but it comes back when ran on a new computer.

Linux

try empire, its basically the same thing but has that option to show the thumbnail so its a bit more convincing

no, because it essentially requires that the target machine is pre-compromised. It's not a hack, it's just a file that does something while also playing a video. A cool thing to mess around with, maybe even useful, but not a hack by any means.

I don't think so because you need somesort of storage or more like sapce to accurate that and I don't think Android got that sort of access to memory to execute the code and I don't that kind of access can be found on Android at least on unrooted one

exe files are for Windows. This exploit is only specific distributions of linux.

Buy a Bluetooth adapter

@@hthbynaheem3689 like wifi adapter there is separate hardware for bluetooth ie; (adapter)??

you nicely ask target to open it

Kali Linux

It won't work at all with the firewall up.

ikr he is such hackerman

How?

Lol, post a video of how you prefer yours done lol. This video is a cool video

​@@strictlyirving498Just use rats, learn how to

There are some related exploits that are comparable in Windows. However as far as I know they will always have the shortcut indicator on the icon which would require the user to be a bit dumber to run.

With a static public ip it can work everywhere (with Linux)

I too

Could be done on windows using a payload like Powercat or a using HTA file in MSploit and venom. You need to obfuscate the payload the same way, and it should work the same.

@@mikebenson9423 Any video guide?

@@mahirfr everything is not on video. The main part of hacking is reading documentation and fail again and again. You know what you want to acheive. You can acheive it on Linux. You want to achieve the same thing on Windows. So you go to Google and search for : "Windows Reverse shell", then you analyse the different codes and scripts, and try to work with one of them. When it's working use the same way of the video, adapt to windows, to obfuscate your code. And it should work. Search, read, search again, read again, try, fail, try, fail, try, fail, try, fail...try..it worked ? No it failed...try again and again and again. Be patient. The more you try, the more you fail, the more you learn.

@@mikebenson9423 I fully understand what you are trying to say. I also get to acknowledge that if you see a tutorial or read a guide it's all time straight forward that's why you don't get know to other things related,.. (I mean not always you get to know) so thanks.... I realize now..

Not based on example shown. This one is set to linux file mgmt + reverse shell /bin/bash

It isn't going to work anyway. If somebody sends you a link in this manner, clicking on the link will put a dialog box asking you what to do with it. If they changed the dot address to, for example .MP4, it will try to open in your player that will show an error. He also doesn't cover how to do a netcat over the net, which means everything here is local, or on your net work only. It's just not workable in the real world.

Cherry MX blue

Yah, Where is he

Hacking

Google DynDNS or use a server

so i got it but its still listening and cant find it