A simple script that hides a file (file.pdf) in an image (image.png) by writing the image, a separator and the file into steg.png, which starts with the original image.png data.
It then recovers file.pdf from steg.png into hola.pdf.
```ruby
#!/usr/bin/env ruby
# KING SABRI | @KINGSABRI
file1, file2 = ARGV
sec_file = File.binread file1    # 'file.pdf'
nor_file = File.binread file2    # 'image.png'
sep = '*------------------------*'
one_file = [nor_file, sep, sec_file]

# Write nor_file, sep, sec_file into steg.png
# (write, not puts, so no newlines are added to the binary data)
File.open("steg.png", 'wb') do |stg|
  one_file.each do |f|
    stg.write f
  end
end

# Read steg.png and split it back into the parts of the "one_file" array
recov_file = File.binread('steg.png').split(sep).last

# Write sec_file to hola.pdf
File.open('hola.pdf', 'wb') { |file| file.print recov_file }
```
Note: This has nothing to do with bypassing AV.
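From the defender's side, a file built this way is easy to spot: a PNG ends at its IEND chunk, so anything after it is foreign data. The following is an added example, not part of the original script; it walks the PNG chunks, checks each CRC and returns whatever follows IEND. The 1x1 sample image, the payload string and the helper names are constructed for the demonstration.

```ruby
require 'zlib'

PNG_SIG = "\x89PNG\r\n\x1a\n".b

# Build one PNG chunk: length, type, data, CRC32 over type+data.
def png_chunk(type, data = ''.b)
  [data.bytesize].pack('N') + type + data + [Zlib.crc32(type + data)].pack('N')
end

# Walk the chunk list and return the bytes that follow the IEND chunk.
# Returns nil when the input is not a well-formed PNG, '' when nothing is appended.
def png_trailing_data(bytes)
  bytes = bytes.b
  return nil unless bytes.start_with?(PNG_SIG)
  pos = PNG_SIG.bytesize
  while pos + 12 <= bytes.bytesize
    len  = bytes[pos, 4].unpack1('N')
    type = bytes[pos + 4, 4]
    stop = pos + 12 + len                 # 4 length + 4 type + data + 4 CRC
    return nil if stop > bytes.bytesize   # truncated chunk
    crc = bytes[stop - 4, 4].unpack1('N')
    return nil unless crc == Zlib.crc32(bytes[pos + 4, 4 + len])
    return bytes[stop..] if type == 'IEND'
    pos = stop
  end
  nil # ran out of data before reaching IEND
end

# Constructed sample: a valid 1x1 grayscale PNG built in memory.
def sample_png
  ihdr = [1, 1, 8, 0, 0, 0, 0].pack('NNC5')
  idat = Zlib::Deflate.deflate("\x00\x00".b)
  PNG_SIG + png_chunk('IHDR', ihdr) + png_chunk('IDAT', idat) + png_chunk('IEND')
end

# Same layout the script above produces: image, separator, hidden file.
SEP  = '*------------------------*'
STEG = sample_png + SEP + '%PDF-1.4 constructed payload'.b

if __FILE__ == $PROGRAM_NAME
  extra = png_trailing_data(STEG)
  puts "clean image: #{png_trailing_data(sample_png).bytesize} trailing bytes"
  puts "steg image:  #{extra.bytesize} trailing bytes, starts with #{extra[0, 12].inspect}"
end
```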
Simple Binary file to Hex
hex-simple.rb
```ruby
#!/usr/bin/env ruby
# KING SABRI | @KINGSABRI
# Simple file to hex converter script
#
file_name = ARGV[0]

file = File.open(file_name, 'rb')
file2hex = file.read.each_byte.map { |b| '\x%02x' % b }.join    # b.to_s(16).rjust(2, '0')

puts file2hex
```
ruby hex-simple.rb ../assembly/hellolinux
Or in one command line
ruby -e "puts File.open('hellolinux').read.each_byte.map { |b| '\x%02X' % b }.join"
One of the important tasks in post-exploitation is finding executable files with weak permissions that might be executed by the root/administrator user, in order to elevate our privileges on the system. At the same time, our scripts must be applicable to all systems.
find777.rb
```ruby
# KING SABRI | @KINGSABRI
# Find all executable, writable files in the path
#
require 'find'

path = ARGV[0]
search = Find.find(path)

def wx_file(search)
  search.select do |file|
    File.file?(file) && File.executable?(file) && File.writable?(file)
  end
end

puts wx_file search
```
You can search for read, write, execute permissions, so your iteration block will be like