BobTheSmuggler: Leverages HTML Smuggling Attack

HTML Smuggling Attack

Bob the Smuggler

“Bob the Smuggler” is a tool that leverages the HTML smuggling attack and lets you create HTML files with embedded 7z/zip archives. The tool compresses your binary (EXE/DLL) into a 7z/zip archive, XOR-encrypts the archive, and then hides it inside a PNG/GIF image file (an image polyglot). The JavaScript embedded within the HTML downloads the PNG/GIF file and stores it in the cache. The JavaScript then extracts the data embedded in the PNG/GIF, assembles it, performs XOR decryption, and stores the result as an in-memory blob.

This tool currently supports the following payload delivery chains:

  • .EXE/.DLL –> .7z/.Zip (Password Protected) –> .JS –> .HTML
  • .EXE/.DLL –> .7z/.Zip (Password Protected) –> .JS –> .SVG –> .HTML
  • .EXE/.DLL –> .7z/.Zip (Password Protected) –> .PNG/.GIF –> .JS –> .HTML
  • .EXE/.DLL –> .7z/.Zip (Password Protected) –> .PNG/.GIF –> .JS –> .SVG –> .HTML

Key Features

  • Stealthy File Concealment: Embed any file type (EXE/DLL) securely within HTML pages, PNG, GIF, and SVG files, ensuring the data remains hidden in plain sight.
  • Versatile Embedding: Offers the flexibility to embed files in various formats, catering to diverse needs and scenarios.
  • Advanced Obfuscation: Utilizes sophisticated techniques to obfuscate the embedded data, further enhancing security and reducing detectability.
  • Custom Template Support: Allows the use of custom HTML and SVG templates for embedding, providing personalized and context-specific concealment.
  • Intuitive Interface: Features an easy-to-use command-line interface, making it accessible for both technical and non-technical users.
  • Visual Validation: Includes visualization tools for PNG files, offering users a way to confirm the successful embedding of data.

Install & Use

Copyright (c) 2024 TheCyb3rAlpha