WHAT'S NEW?
Loading...

WinRAR Extension Spoof By Moneyarea4all

Hey guys,
Today I am going to briefly show you a neat little exploit that is available in WinRAR, version 4.20. You may or may not of heard of it, but it involves editing WinRAR's 'second' filename.



Prerequisites:
- WinRAR 4.20
- A hex editor.
- A file to spoof.


Method:
- Okay, so first things first you need a payload/file you wish to spoof. For sake of demonstration I have placed this in an empty folder. As you can see, under type, it is labelled as an application. It has the .exe extension.
[Image: 0u34Tb7.png]

- Proceed to right click the file, and providing you have WinRAR 4.20 installed, click 'add to archive'.
[Image: OHAJvdL.png]

- Choose to pack the file into a .zip archive.
[Image: hkrVqVf.png]

- Open your hex editor, and open the .zip file you have just created.
[Image: pVY7vlI.png]

- Scroll down, on the far right column and just above the very bottom line will be the file name and extension.
[Image: EuzvGer.png]

- Change the extension to the one you desire.
[Image: UrCM3fN.png]

- Save, and check out your .zip file!
[Image: ewV9fI4.png]



So now you have a successfully spoofed file! While this does not fool most AV's, it is good in aiding SE'ing someone into opening a file - lots can be done with this method to say the least, even if a little outdated.

0 comments:

Post a Comment

!!!THANK YOU VISITING OUR BLOG!!!