Exe2Image

This is A simple utility to convert EXE files to PNG images and vice versa. This is written using Java 8. Inspired by this article.

Putty.exe converted to an image using green pixels.

Download:
https://github.com/OsandaMalith/Exe2Image/releases

This tool was added to PentestBox : https://modules.pentestbox.com/#forensics

Softpedia:
http://www.softpedia.com/get/Security/Encrypting/EXE-to-Image-Converter.shtml

Other Shares:
http://www.kitploit.com/2017/09/exe2image-simple-utility-to-convert-exe.html

Advertisements

LFi Freak – An Automated File Inclusion Exploiter

I am sure you know about exploiting file inclusion vulnerabilities. In file inclusion situations in common we can read files arbitrarily in the system or remotely depending on the permissions. In PHP environments commonly we poison the log files or inject malicious PHP into the user agent header and load the “/proc/self/environ” file. However when we encounter file inclusion situations in PHP environments we can use the in-built PHP wrappers to make our exploitations much easier or perhaps bypass existing filters.

There are lot of LFI exploitation tools available but I’ve written this tool mainly focusing on the usage of “php://input”, “php://filter” and “data://” methods.  Even though the title explicitly conveys “LFI Freak” this can be used for RFI vulnerabilities as well. This tool is written in Python 2.7 and I have included binaries for both Windows and Linux systems. If you are running from the source or want to modify this, you need the BeautifulSoup library.

Here is a small walkthrough of the features of the tool.

To test for local or remote file inclusions you can use the option one “Automated testing”. I am using DVWA in here. To test this tool create a small vulnerable file.

<?php
	echo "File included: ".$_REQUEST["page"]."<br>";
	$file =  $_REQUEST["page"];
	include $file;
?>

Continue reading

Wi-Fi Hash Decrypter


My previous tool needs admin privileges. I thought of writing two applications, one application for dumping the encrypted hashes from the system and another for decrypting the hashes. Since CryptUnprotectData() function needs a local system account run the decrypter application using PsExec. I have written a batch file for it. Continue reading

Blue Ivy Logger

Blue Ivy Logger is a powerful keylogger for Windows environments. You have a variety of options to generate your customized logger. Author takes no responsibility for any kind of damage you cause.
This is developed for educational and research purposes only. Use this at your own risk.

Download:
https://github.com/OsandaMalith/BlueIvy

Creative Commons License
Blue Ivy Logger by Osanda Malith Jayathissa is licensed under a Creative Commons Attribution-NonCommercial-ShareAlike 4.0 International License.
Based on a work at https://osandamalith.wordpress.com.

ChromeFreak

Overview

This is a tool I coded during my ‘awurudhu’ vacation in here. A powerful forensic utility for Google Chrome. I’ve researched the most important databases and improved the existing queries and wrote this tool.  You can customize this tool as you wish. I hope you will love it 🙂

Features

  • Works with Windows, Linux and OS X
  • Can investigate databases and files effectively
  • Written in Python 2.7

Continue reading