Silent Install and Run of an EXE?

Discussion in 'BlackHat Lounge' started by blackhat-dudette, Jul 20, 2015.

  1. blackhat-dudette

    blackhat-dudette Regular Member

    Joined:
    Mar 12, 2010
    Messages:
    313
    Likes Received:
    195
    Occupation:
    Freelance internet marketing expert
    Location:
    UK
    Is it possible?

    I know you can do drive by installs via Java etc, and I know you can set websites to auto download files, I just wondered if you could get a website to auto download the file, then the file to auto-install itself?

    Any ideas you clever, clever people?
     
  2. peetrike

    peetrike Power Member

    Joined:
    Aug 19, 2012
    Messages:
    585
    Likes Received:
    219
    Location:
    Estonia
    User needs to open the file to get it installed silently (it can be even done that the user opens a file and it will download another file from url and then silently installs it). You want to use it for PPI?

    Cheers
     
    • Thanks Thanks x 1
  3. blackhat-dudette

    blackhat-dudette Regular Member

    Joined:
    Mar 12, 2010
    Messages:
    313
    Likes Received:
    195
    Occupation:
    Freelance internet marketing expert
    Location:
    UK
    OK, I can live with that, if I manage to drop my file onto a few thousand pcs, there will be a fair percentage of people that accidently click the exe....

    PPI was one idea, although I have many more ways I could coin off this.
     
  4. peetrike

    peetrike Power Member

    Joined:
    Aug 19, 2012
    Messages:
    585
    Likes Received:
    219
    Location:
    Estonia
    If you want to use it on PPI then once the file downloads the offers (let`s say amonetize) then AV will still detect it. If PPI offers/files are known to AVs then it won`t install if the AV is active on PC. Plus you need to constanlty update the "autoinstaller" cause it gets detected too.

    Cheers
     
  5. Honest

    Honest Regular Member

    Joined:
    Jan 7, 2011
    Messages:
    213
    Likes Received:
    206
    Occupation:
    Self Employed
    Location:
    Atlanta, GA
    Use the reverse textflow method to better hide your .exe, ie in a .jpg.

    I'm not going to try and explain it, just google it.
     
    • Thanks Thanks x 1