Coder Social home page Coder Social logo

vaginessa / htmlsmuggling Goto Github PK

View Code? Open in Web Editor NEW

This project forked from abdulkadir-gungor/htmlsmuggling

2.0 0.0 1.0 16 KB

HTML smuggling is a malicious technique used by hackers to hide malware payloads in an encoded script in a specially crafted HTML attachment or web page. The malicious script decodes and deploys the payload on the targeted device when the victim opens/clicks the HTML attachment/link. The HTML smuggling technique leverages legitimate HTML5 and JavaScript features to hide malicious payloads and evade security detections. The HTML smuggling method is highly evasive. It could bypass standard perimeter security controls like web proxies and email gateways, which only check for suspicious attachments like EXE, DLL, ZIP, RAR, DOCX or PDF

License: Other

Python 95.30% HTML 4.70%

htmlsmuggling's Introduction

HtmlSmuggling

  HTML smuggling is a malicious technique used by hackers to hide malware payloads in an encoded script in a specially crafted HTML attachment or web page. The malicious script decodes and deploys the payload on the targeted device when the victim opens/clicks the HTML attachment/link. The HTML smuggling technique leverages legitimate HTML5 and JavaScript features to hide malicious payloads and evade security detections.

  The HTML smuggling method is highly evasive. It could bypass standard perimeter security controls like web proxies and email gateways, which only check for suspicious attachments like EXE, DLL, ZIP, RAR, DOCX or PDF

1) HtmlSmuggling.py : Embeds the selected binary file (exe, dll, docx, pdf, etc) into the Javascript file. Obfuscates Javascript functions. This makes it difficult to decode javascript functions.

  "HtmlSmuggling" attack type is an attack type affected by browser settings. In addition, EXE, DLL type files downloaded from the internet can be blocked by smartscreen. However, PDF, DOCX attacks are more successful.

htmlsmuggling   [jpg source: From the training notes, Abdulkadir GÜNGÖR]

Using the Script

[Command]

>> HtmlSmuggling.py filename filepath

filename: Browser refers to the file name to be given to the file to be downloaded. It is the file name that will be seen in the browser and the downloaded folder.

filepath: The path of the file to be downloaded

[Command Example]

>> HtmlSmuggling.py MicrosoftOffice.exe c:\Users\user0\Desktop\malware.exe
>> HtmlSmuggling.py Office365.dll c:\Users\user0\Desktop\malware.dll
>> HtmlSmuggling.py application.pdf c:\Users\user0\Desktop\malware.pdf
>> HtmlSmuggling.py application.docx c:\Users\user0\Desktop\malware.docx

The Compiled Version of the Program Can be Downloaded from the Links Below.

"Html Smuggling"
HtmlSmuggling.rar --> zip password: "gung0r_HtmlSmuggling"
Link = https://drive.google.com/file/d/1nywAbA8fEx6lFPz5snI05KeAMz8bTUcS/view?usp=sharing

Requirement

  Required library: pyinstaller

pip install pyinstaller

  "pyinstaller" will be used to make the code one piece executable

Compilation

  [Language : Python 3.8.5]

pyinstaller --onefile --icon=HtmlSmuggling.ico HtmlSmuggling.py

Video and Screenshots of the Vulnerability

  The use of the compiled version of the script is shown in the Youtube video. It can be viewed at the link below.

[Youtube Link] https://www.youtube.com/watch?v=_rQrLeDaFSU

[ScreenShot 1] b1

[ScreenShot 2] a2

[ScreenShot 3] a3

[ScreenShot 4] a4

[ScreenShot 4] a5

Legal Warning

  Run your tests on virtual machines. The responsibility for illegal use belongs to the user. Shared for educational purposes.

htmlsmuggling's People

Contributors

abdulkadir-gungor avatar

Stargazers

avatar avatar

Forkers

fishke22

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. 📊📈🎉

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google ❤️ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.