backdoorppt is a simple script that allow users to add a ms-word icon to one existing executable.exe (using resource-hacker as backend appl) and a ruby one-liner command that will hidde the .exe extension and add the word doc .ppt extension to the end of the file name.
Dependencies: xterm, wine, ruby, ResourceHacker(wine)
Tool Limitations:
1º – backdoorppt only supports windows binarys to be transformed (.exe -> .ppt)
2º – backdoorppt requires ResourceHacker installed (wine) to change the icons
3º – backdoorppt present you 6 available diferent icons (.ico) to chose from
4º – backdoorppt does not build real ms-word doc files, but it will transform your payload.exe to look like one word doc file (social engineering).
Spoof extension methods:
backdoorppt tool uses 2 diferent extension spoof methods: 'Right to Left Override' & 'Hide Extensions for Known File Types' Edit the 'settings' file to chose what method should be used.. cd backdoorppt && nano settings
Usage:
git clone https://github.com/r00t-3xp10it/backdoorppt && cd backdoorppt ./backdoorppt.sh
Source: https://github.com/r00t-3xp10it