Hidden Images

Hidden Images
Download Copy
Title: Hidden Images
Author: Paul Murton

A (naive) user may attempt to hide image(picture) files by simply renaming them to appear to be other filetypes (i.e. Word documents etc). This payload uses a powershell script to walk the userprofile to look for image files that have been hidden in this manner. It ignores files with image extensions, and checks the file headers for known image file headers. The output is put into a CSV file in the folder \loot\image-files

Incident Response, or simply IR, is all about managing the aftermath of a security breach. It's all about identifying, minimizing and containing damage as quickly as possible, as well as remediation such that the risk of additional incidents are minimized. A good incident response plan outlines the responsibilities of all parties, in addition to the procedures the organization takes to manage the incident. Having containment payloads developed, tested and at the ready before an incident will save valuable time when needed. See all incident response payloads.

This payload is for the Bash Bunny. Simultaneously mimic multiple trusted devices to trick targets into divulging sensitive information without triggering defenses. The Bash Bunny is truly the world's most advanced USB attack platform.

Submit your own payload, or browse more featured Bash Bunny Payloads.

 

 

Related Payloads

BlueBunny
BlueBunny
BlueBunny is a C2 solution that communicates directly over Bluetooth-Low-Energy with your Bash Bunny Mark II. Send your
Read More
SleepyMacRick
SleepyMacRick
Installs a script that will listen for user activity in the background. When the user starts working on the machine, a R
Read More
MacAlertPhisher
MacAlertPhisher
Creates a customizable alert that prompts for the victim's credentials and shares them with you via Discord.
Read More