Hidden Images

Hidden Images
Download Copy
Title: Hidden Images
Author: Paul Murton

A (naive) user may attempt to hide image(picture) files by simply renaming them to appear to be other filetypes (i.e. Word documents etc). This payload uses a powershell script to walk the userprofile to look for image files that have been hidden in this manner. It ignores files with image extensions, and checks the file headers for known image file headers. The output is put into a CSV file in the folder \loot\image-files

Incident Response, or simply IR, is all about managing the aftermath of a security breach. It's all about identifying, minimizing and containing damage as quickly as possible, as well as remediation such that the risk of additional incidents are minimized. A good incident response plan outlines the responsibilities of all parties, in addition to the procedures the organization takes to manage the incident. Having containment payloads developed, tested and at the ready before an incident will save valuable time when needed. See all incident response payloads.

This payload is for the Bash Bunny. Simultaneously mimic multiple trusted devices to trick targets into divulging sensitive information without triggering defenses. The Bash Bunny is truly the world's most advanced USB attack platform.

Submit your own payload, or browse more featured Bash Bunny Payloads.

 

 

Related Payloads

Smb ExfiltratorV2.0
Smb ExfiltratorV2.0
Exfiltrates select files from users documents folder via SMB.
Read More
Bouncy Coil
Bouncy Coil
This payload uses Powershell to create a O.MG Coil that bounces around the screen.
Read More
A.S.E - Advanced System Exfiltration
A.S.E - Advanced System Exfiltration
This slow, and steady staged payload takes it's time and gleans detailed system information using Powershell, Ducky scri
Read More