Skip to content

backdoorppt 'Office spoof extensions tool'

Latest
Compare
Choose a tag to compare
@r00t-3xp10it r00t-3xp10it released this 13 Jan 01:04
· 31 commits to master since this release

![backdoorppt](https://github.com/r00t-3xp10it/backdoorppt/blob/master/bin/logo.png)
Version release: v1.5-Stable
Distros Supported: Linux Kali, Ubuntu, Mint
Author: pedro ubuntu  [ r00t-3xp10it ]
Suspicious-Shell-Activity© (SSA) RedTeam develop @2017

Transform your payload.exe into one fake word doc (.ppt)

Simple script that allow users to add a ms-word icon to one
existing executable.exe (using resource-hacker as backend appl)
and a ruby one-liner command that will hidde the .exe extension
and add the word doc .ppt extension to the end of the file name.

Spoof extension methods

backdoorppt tool uses 2 diferent extension spoof methods:
'Right to Left Override' & 'Hide Extensions for Known File Types'
Edit the 'settings' file to chose what method should be used..

cd backdoorppt && nano settings

backdoorppt


Dependencies (backend applications required)

xterm, wine, ruby, ResourceHacker(wine)

'backdoorppt script will work on wine 32 or 64 bits'
'it also installs ResourceHacker under .../.wine/Program Files/.. directorys'

transformed files on-target system (windows)

backdoorppt


Usefull links

backdoorppt main page
backdoorppt - bug reports
backdoorppt - youtube videos
https://www.youtube.com/watch?v=cEkzsBwZV8M

Special thanks: Chaitanya Haritash
"For all the help provided in debuging this tool in diferent operative systems"