Hello, hackers. Today we are going to look at Umbrella Dropper, a dropper dedicated to pen-testing: it downloads files on the target system and executes them without a double execution of the .exe, only of the embedded file.
I know most of you might want to hack victims just by sending a real file which, when opened, opens a malicious link that automatically downloads the payload from a remote server and executes it, without the need for a double execution of the downloaded .exe file. You can even hack a victim by simply embedding a malicious backdoor as a zip file in an image and sending it to the victim; to read about it, follow the article on How To Hack Any Windows 7/8/10 Remotely Using An Image.
Well, there are a lot of tools for that, thanks to GitHub being an open platform where developers and testers share source code and files. GitHub has been heaven for penetration testers and n00bies for getting cool and perilous stuff to generate various payloads, scanners, injectors, etc.
Features:
- Download an executable on the target system.
- Silent execution.
- Download and execute the executable only once.
- If the exe has already been downloaded and is running, open only the pdf/docx/xls/jpg/png.
- Some phishing methods are included.
- Multiple sessions disabled.
- Bypass UAC.
Requirements:
- sudo access
- Python 2.7 on a Wine machine
Installation of Umbrella:
- First, we need to clone [download] the GitHub repository with the command “git clone https://github.com/4w4k3/Umbrella.git”.
- Now change your directory to the downloaded folder: “cd Umbrella”.
- Make the installer file executable using the command “chmod +x install.sh”.
- Run the installer using “./install.sh”. This will attempt to install all the required dependencies needed for the program to run and update your system.
- To run the script we use “Python.py”. Since the script is a Python script, we first tell the terminal that we are running a Python script by using the term python. We can also run it using “./”, which runs the file as an executable on the Linux operating system.
- During the installation you will be prompted with a Wine installation pop-up. We just need to specify Windows 7 or XP, and it will attempt to install the Windows .NET Framework needed to create an executable file. Next, it will ask you to install Python; choose the repair option to make the necessary changes to the Python libraries.
Note: If you face any problems with the installation or any error in Python, then simply type in “python -m pip install --upgrade pip”. This will attempt to upgrade all the Python modules and debug the installation automatically.
Using Umbrella Dropper:
After the installation you will be greeted with the Umbrella interface, where you will have four options:
- [D] GEN DROPPER
- [H] HELP
- [U] UPDATE
- [E] EXIT
To generate a payload, type in D.
This time you need to specify the file type you wish to use for the exploit. Next, you need to specify the URL for the .exe file.
Suppose you are running Apache locally. Then place the malicious payload [say payload.exe], generated with one of the various payload-generating tools, in your “/var/www/html/” directory, and the URL would be your local “IPaddress/payload.exe”. To find your local IP, type “ifconfig” in the terminal. If you are conducting a hack over the WAN, then you need to upload the malicious file to any open web server publicly accessible through the World Wide Web. For this tutorial I am using my local web server, as shown in the screenshot:
When it asks for the URL, enter the URL of the payload on the server, but remember to check whether the victim can access it or not. If the victim can't, then it's a complete waste of time. Now it will ask you to enter the image URL as a transporter; as seen below, I have given the URL in the screenshot:
This will produce a file in the “dist/” directory of the Umbrella folder. Send this to the victim; when he opens the image, the payload is executed automatically. But if you think as a hacker, we can take advantage of this feature: when the victim opens the file, the web browser opens the embedded link, and since our link contains a payload, it will be downloaded and automatically executed without the double execution of the payload, and we will get a meterpreter session in our terminal. Through social engineering we can select an image the victim is likely to like. For example, as a hacker, we can embed a payload in an image that could be chosen as a background image and upload it to a file-sharing server. We can also create an album of background images, infect every image in the album and send the link to the victim to take a look at the album; if the victim likes an image and downloads it, our job is done. Umbrella will then do its magic and present us with a meterpreter shell.
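Seen from the defender's side, the behaviour described above (one file that shows a decoy pdf/docx/xls/jpg/png while it fetches and launches an executable) leaves a recognisable pattern in endpoint telemetry. The sketch below is an added example, not code from this article or from the Umbrella project; the event tuple layout, the paths and the sample events are constructed assumptions.

```python
# Added example: not from the article or the Umbrella project.
# Flags a process that writes an .exe, runs it, and opens a decoy document
# or image around the same time. Event fields are assumed, not a real schema.
from collections import defaultdict

DECOY_EXT = (".pdf", ".docx", ".xls", ".jpg", ".png")
WINDOW_SECONDS = 60

# Constructed sample telemetry: (time_s, kind, actor_pid, target_path).
# "process_start" on a document means it was opened via its file association.
TEMP = r"C:\Users\bob\AppData\Local\Temp"
SAMPLE_EVENTS = [
    (0, "file_create", 4120, TEMP + r"\holiday.jpg"),
    (1, "file_create", 4120, TEMP + r"\svc.exe"),
    (2, "process_start", 4120, TEMP + r"\svc.exe"),
    (2, "process_start", 4120, TEMP + r"\holiday.jpg"),
    (10, "process_start", 5000, r"C:\Users\bob\Documents\report.docx"),
    (20, "file_create", 6100, r"C:\Program Files\App\update.exe"),
    (21, "process_start", 6100, r"C:\Program Files\App\update.exe"),
]


def find_dropper_like(events, window=WINDOW_SECONDS):
    written = {}                 # (pid, exe path) -> time written
    ran = defaultdict(list)      # pid -> [(time, exe)] self-written, then run
    decoys = defaultdict(list)   # pid -> [(time, document)] opened
    for t, kind, pid, path in sorted(events, key=lambda e: e[0]):
        low = path.lower()
        if kind == "file_create" and low.endswith(".exe"):
            written[(pid, low)] = t
        elif kind == "process_start" and low.endswith(".exe"):
            wrote_at = written.get((pid, low))
            if wrote_at is not None and t - wrote_at <= window:
                ran[pid].append((t, path))
        elif kind == "process_start" and low.endswith(DECOY_EXT):
            decoys[pid].append((t, path))
    findings = []
    for pid, runs in ran.items():
        for run_t, exe in runs:
            for doc_t, doc in decoys[pid]:
                if abs(doc_t - run_t) <= window:
                    findings.append({"pid": pid, "exe": exe, "decoy": doc})
    return findings


if __name__ == "__main__":
    for finding in find_dropper_like(SAMPLE_EVENTS):
        print(finding)
```

Only the process that both runs its own freshly written executable and opens a decoy is reported; the constructed updater (pid 6100) and the plain document open (pid 5000) are not.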
But as mentioned, to be a hacker you need not so much hack as think like a hacker; in the end it is up to you to develop ideas about techniques for hacking a victim. If you like this article, kindly rate it above and share it. If you have any queries, comment below to let us know. To learn how to hack Kali Linux, read the article on How To Hack The Hacker’s OS Kali Linux. Thank you.