Run an application by hiding it as a document?

Status
Not open for further replies.

SpartacusSystem

Level 7
Verified
Well-known
Aug 6, 2015
306
I remember in my earlier school days, we had a network drive which was full of student's work along with resources. Someone in our school had made a word document on the drive called 'work' and in that document there were three flash-based games which were able to run successfully, it was left undiscovered for about two to three years until one day it was taken off the network drive.

So I would sell and smuggle games in school by putting them in doc files. How I did it? I simply just dragged and dropped the games into a word document and it simply worked.

I think what you want to do is known as steganography. So have a look into that. I would have guided you in the right direction but I suspect, you will be using this for malicious intent.
 

mina bat

New Member
Thread author
Aug 14, 2016
12
no bro i am good guy ..... is there any way to open the game directly after clicking on the word document
 

mina bat

New Member
Thread author
Aug 14, 2016
12
I remember in my earlier school days, we had a network drive which was full of student's work along with resources. Someone in our school had made a word document on the drive called 'work' and in that document there were three flash-based games which were able to run successfully, it was left undiscovered for about two to three years until one day it was taken off the network drive.

So I would sell and smuggle games in school by putting them in doc files. How I did it? I simply just dragged and dropped the games into a word document and it simply worked.

I think what you want to do is known as steganography. So have a look into that. I would have guided you in the right direction but I suspect, you will be using this for malicious intent.


no bro i am good guy ..... is there any way to open the game directly after clicking on the word document
 
W

Wave

@mina bat Surely you must understand that it is very important to this community that no one becomes involved with things relating to malicious intent? Sorry to burst your bubble but sending your Facebook profile (whether it is genuine or staged to look real) is not any sort of valid proof that you are not trying to do something with malicious intent.

In fact, one common thing that people who are trying to do something with malicious intent do on forums (when they are requesting assistance for something), is exactly what you've done... Mention a lot about how they are good and not trying to do something bad... without any real justification to what their intentions are. I'm not saying that you DO have malicious intent, but surely you must understand what I am trying to say?

Anyway, can you please provide some genuine information as to what your intentions are behind this "research"? It's rare for someone to just wake up and think "Oh, I wonder if its possible to have a *.txt file run executable code in the background silently!" without an actual end goal... And usually things like this end up with a malicious goal.

Regardless, if you could just place your own executable code into a *.txt file and have it ran once the user opens up that text file, it would be completely ridiculous and an entire flaw in the Windows OS itself. Although if you change the format of an existing *.txt file and check the bytes in the file (HEX) you'll notice that it is still a Portable Executable; the MZ DOS header will still all be there, etc. Now, double-clicking this *.txt file won't launch the program because Windows will think its a text file (although it is technically possible to have this *.txt file loaded into memory as a PE since it really is a PE and not a *.txt file).

On the other hand, if you open a *.txt file in a HEX editor to view the bytes in the file, you'll notice it's literally just the text for the saved data. This is because when you go to run it, Windows will see it's extension and attempt to load it into the default text editor program, as opposed to doing all the things that happen with a real Portable Executable (memory mapping, etc - it doesn't need to do any of this because it just runs the default text editor program which uses arguments to get the path of the text file being opened and then it opens it there).

I am still not 100% sure on what you've been asking because your details are so basic and straightforward and you've barely provided any real information about... Anything! However, if you're referring to exploits and code execution (e.g. when a Microsoft Document is opened for example), then yes, this is very possible and is actually more common than you'd think (with threats like ransomware for example).

But to answer your question:
is there any way to open the game directly after clicking on the word document
The answer is No (as of now or to my intentions at least). Unless you are referring to social engineering tactics to make the user believe it was a text file when it really had an .exe extension - although I won't dive into this information.

No offence but I really don't believe that you are just doing some "research". Please elaborate if possible (without the double posts this time).
 

mina bat

New Member
Thread author
Aug 14, 2016
12
how do i change the name of the file from games.exe to games and put an game icon and when i click on the game file open without showing me this security warning
Screenshot (158).png
Screenshot (159).png
Screenshot (160).png
Screenshot (161).png
 
W

Wave

how do i change the name of the file from games.exe to games and put an game icon and when i click on the game file open without showing me this security warning View attachment 111987 View attachment 111988 View attachment 111989 View attachment 111990
Now you want to bypass code signing certificate checks so Windows forgets that your executable isn't digitally signed and that the user doesn't receive any sort of confirmation before your "untrusted" program runs?

Sorry but this all looks suspicious to me.

I've literally just said:
Surely you must understand that it is very important to this community that no one becomes involved with things relating to malicious intent? Sorry to burst your bubble but sending your Facebook profile (whether it is genuine or staged to look real) is not any sort of valid proof that you are not trying to do something with malicious intent.
In fact, one common thing that people who are trying to do something with malicious intent do on forums (when they are requesting assistance for something), is exactly what you've done... Mention a lot about how they are good and not trying to do something bad... without any real justification to what their intentions are. I'm not saying that you DO have malicious intent, but surely you must understand what I am trying to say?
No offence but I really don't believe that you are just doing some "research". Please elaborate if possible (without the double posts this time).
 
Last edited by a moderator:
W

Wave

i am doing some researches about windows bugs :):)
Of course you are, how didn't I guess this?!

No, but on a serious note, someone who is performing real research on Windows bugs/vulnerabilities and takes their work seriously won't run to a security forum asking how to do things that seem suspicious without providing real information behind their goals. It looks to me that you've just made that response up on the spot, you haven't provided any additional information, again!

How can you perform research on Windows bugs/vulnerabilities when you don't know how features you are performing research on actually work? You literally just posted here asking how you can bypass the code signing certificate notification warnings. Someone who is being ethical and is really doing as they say won't behave like this.

It looks like that you want to read about some research on Windows as opposed to you doing the research - otherwise why else would you be asking how to do it all? If you aren't doing the research then it doesn't count as your research. Tip: You can read about some Windows bugs/vulnerabilities here: Exploits Database by Offensive Security

Even based on the screenshots you've posted the only idea I get is that you are trying to do something malicious. Look at the screenshots you posted: you've changed the icon of the program to an icon of Angry Birds (a game you don't actually own), you've changed the name of the program to games.exe and now you are trying to conceal evidence of it running on the system so the user doesn't become aware.

On top of all of this, now you want to bypass code signing certificate checks to avoid the warning when you try to run the program... How much closer to looking like a malware developer do you want to get?
 

mina bat

New Member
Thread author
Aug 14, 2016
12
Of course you are, how didn't I guess this?!

No, but on a serious note, someone who is performing real research on Windows bugs/vulnerabilities and takes their work seriously won't run to a security forum asking how to do things that seem suspicious without providing real information behind their goals. It looks to me that you've just made that response up on the spot, you haven't provided any additional information, again!

How can you perform research on Windows bugs/vulnerabilities when you don't know how features you are performing research on actually work? You literally just posted here asking how you can bypass the code signing certificate notification warnings. Someone who is being ethical and is really doing as they say won't behave like this.

It looks like that you want to read about some research on Windows as opposed to you doing the research - otherwise why else would you be asking how to do it all? If you aren't doing the research then it doesn't count as your research. Tip: You can read about some Windows bugs/vulnerabilities here: Exploits Database by Offensive Security

Even based on the screenshots you've posted the only idea I get is that you are trying to do something malicious. Look at the screenshots you posted: you've changed the icon of the program to an icon of Angry Birds (a game you don't actually own), you've changed the name of the program to games.exe and now you are trying to conceal evidence of it running on the system so the user doesn't become aware.

On top of all of this, now you want to bypass code signing certificate checks to avoid the warning when you try to run the program... How much closer to looking like a malware developer do you want to get?


bro i own the angry birds game why did you say that
 

mina bat

New Member
Thread author
Aug 14, 2016
12
Of course you are, how didn't I guess this?!

No, but on a serious note, someone who is performing real research on Windows bugs/vulnerabilities and takes their work seriously won't run to a security forum asking how to do things that seem suspicious without providing real information behind their goals. It looks to me that you've just made that response up on the spot, you haven't provided any additional information, again!

How can you perform research on Windows bugs/vulnerabilities when you don't know how features you are performing research on actually work? You literally just posted here asking how you can bypass the code signing certificate notification warnings. Someone who is being ethical and is really doing as they say won't behave like this.

It looks like that you want to read about some research on Windows as opposed to you doing the research - otherwise why else would you be asking how to do it all? If you aren't doing the research then it doesn't count as your research. Tip: You can read about some Windows bugs/vulnerabilities here: Exploits Database by Offensive Security

Even based on the screenshots you've posted the only idea I get is that you are trying to do something malicious. Look at the screenshots you posted: you've changed the icon of the program to an icon of Angry Birds (a game you don't actually own), you've changed the name of the program to games.exe and now you are trying to conceal evidence of it running on the system so the user doesn't become aware.

On top of all of this, now you want to bypass code signing certificate checks to avoid the warning when you try to run the program... How much closer to looking like a malware developer do you want to get?

bro you want the truth chat me at facebook https://www.facebook.com/mina.nageh.568
 
Status
Not open for further replies.

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top