C:\Users\USER-PC>netsh wlan show profile name="PROFILE NAME" key=clear | findstr Key
C:\Users\USER-PC>wmic diskdrive get serialnumber
C:\Users\USER-PC>wmic baseboard get serialnumber
C:\Users\USER-PC>wmic memorychip get serialnumber
Hide Folders
C:\Users\USER-PC>cd "Path where your folder placed" C:\Path where your folder placed>Attrib +h +s +r FolderName
Unhide Folders
C:\Users\USER-PC>cd "Path where your folder placed" C:\Path where your folder placed>Attrib -h -s -r FolderName
# Password Generator
$Length=12
# Define Character Sets
$UpperCase=@('A','B','C','D','E','F','G','H','I','J','K','L','M','N','O','P','Q','R','S','T','U','V','W','X','Y','Z')
$LowerCase=@('a','b','c','d','e','f','g','h','i','j','k','l','m','n','o','p','q','r','s','t','u','v','w','x','y','z')
$Numbers=@('1','2','3','4','5','6','7','8','9','0')
$Symbols=@('!','@','$','?','<','>','*','&')
$FullSet=@('A','B','C','D','E','F','G','H','I','J','K','L','M','N','O','P','Q','R','S','T','U','V','W','X','Y','Z','a','b','c','d','e','f','g','h','i','j','k','l','m','n','o','p','q','r','s','t','u','v','w','x','y','z','1','2','3','4','5','6','7','8','9','0','!','@','$','?','<','>','*','&')
# Check to see if all character sets are used
$HasUpperCase=0
$HasLowerCase=0
$HasNumbers=0
$HasSymbols=0
While($HasUpperCase -eq 0 -or $HasLowerCase -eq 0 -or $HasNumbers -eq 0 -or $HasSymbols -eq 0)
{
# Generate New Password
# Initialize password variable
$Password=""
$PasswordArray = $FullSet | Get-Random -Count $Length
For ($Index=0; $Index -lt $Length; $Index++)
{
$Password=$Password+$PasswordArray[$Index]
}
# Test the password that has been created
For ($Index=0;$Index -lt $Length; $Index++)
{
$Character=$Password.Substring($Index,1)
If ($UpperCase -Ccontains $Character) {$HasUpperCase=1}
If ($LowerCase -Ccontains $Character) {$HasLowerCase=1}
If ($Numbers -Contains $Character) {$HasNumbers=1}
If ($Symbols -Contains $Character) {$HasSymbols=1}
}
}
# Display Password
Write-Host "The new password is: " $Password
Set-Clipboard -Value $Password
C:\Users\USER-PC>interface ip set dns name="ADAPTER NAME" source="static" address="X.X.X.X" C:\Users\USER-PC>interface ip add dns name="ADAPTER NAME" addr="X.X.X.X" index=2
C:\Users\USER-PC>wmic baseboard get product,Manufacturer,version,serialnumber
We need a file that we will hide in a file, let's use this file! a kitten image! who would suspect such a sweet kitten?
https://upload.wikimedia.org/wikipedia/commons/b/bc/Juvenile_Ragdoll.jpg
Now we will create a file with our super secret message, and create a file named message.txt with the following content
This is my super secret message
Now compress the file with the following command
zip --password yourpassword message.zip message.txt
The password option creates a password-secured zip file, this option is not required but can provide an extra layer of security
To merge the two files into one we can use the cat command, you might wonder why to use an image file and not something else. The reason is that an image file that has a hidden file inside does not raise any suspicions since the file image is still viewable!
cat Juvenile_Ragdoll.jpg message.zip > cat.jpg
Now a file cat.jpg has been created and we are ready!
To extract the hidden file exists numerous ways! but let's work only with two of them, the first one is with the use of binwalk , binwalk is a tool that searches for file signatures inside a file and if detects one it extracts the file
❯ binwalk -e cat.jpg DECIMAL HEXADECIMAL DESCRIPTION -------------------------------------------------------------------------------- 0 0x0 JPEG image data, EXIF standard 12 0xC TIFF image data, little-endian offset of first image directory: 8 33192 0x81A8 TIFF image data, little-endian offset of first image directory: 8 3590426 0x36C91A Zip archive data, encrypted at least v1.0 to extract, compressed size: 44, uncompressed size: 32, name: message.txt 3590636 0x36C9EC End of Zip archive, footer length: 22
We can see that it detected the zip file inside the image file and automatically created a directory with the name of _cat.jpg.extracted with two files, one zip that contains the zip file we hide and message.txt which is empty because the zip file is password-protected.
cd _cat.jpg.extracted ❯ find . . ./36C91A.zip ./message.txt
Now let's talk about the second way! do you know why we compressed the message file? One reason apart from security is that a specialized file like a zip contains header bytes (magic numbers) that can help us identify from where the zip file starts and this is how we can manually identify and extract the zip, first, we need to convert the file to a hex dump
hexdump -v -e '/1 "%02X "' cat.jpg > cat.hex
To make things easier let's suppose that we know that we are looking for a zip file, the hex signature of zip files is 50 4B 03 04 . This means that files compressed with pkzip algorithm start from these bytes, so since we know that there are two files merged one after the other if we take all bytes starting from the signature we should extract the zip file! Let's do this
cat cat.hex | grep -o '50 4B 03 04.*' | tr -d ' ' > message.hex
This command will generate a hex dump of the second file, the zip file, now we need to convert it to binary!, we can do this with xxd
cat message.hex | xxd -r -p > message.zip
Let's try to unzip the file, it will ask for a password and the output will be message.txt which was the file that originally we wanted to hide
unzip message.txt
X:\Sources>bcdedit /export c:\bcdbackup The operation completed successfully. X:\Sources>attrib c:\boot\bcd -h -r -s X:\Sources>ren c:\boot\bcd bcd.old X:\Sources>bootrec /rebuildbcd Scanning all disks for Windows installations. Please wait, since this may take a while... Successfully scanned Windows installations. Total identified Windows installations: 1 [1] D:\Windows Add installation to boot list? Yes(Y)/No(N)/All(A):Y The operation completed successfully.
To turn this feature on
C:\Users\USER-PC>bcdedit /set {bootmgr} displaybootmenu yes
To turn this feature off
C:\Users\USER-PC>bcdedit /set {bootmgr} displaybootmenu no
C:\Users\USER-PC>start WebsiteURL