This tool is a command line utility that allows you to convert any binary file into a QRcode GIF. The data can then be reassembled visually allowing exfiltration of data in air gapped systems.
QRExfiltrate is a command line utility that allows users to covert any binary file into a QRcode GIF. This allows data to be exfiltrated without detection from most DLP systems. To use QRExfiltrate, open a command line and navigate to the directory containing the QRExfiltrate scripts. Then, run the command ./encode.sh to convert the binary file into a GIF file. The GIF file can then be transferred and reassembled using any standard QR code reader.
QRExfiltrate requires the prerequisites qrencode and ffmpeg. It is limited by the size of the source data, as qrencoding per frame has been capped to 64 bytes. Additionally, the conversion to QR code results in a lot of storage overhead, making the resulting GIF file 50x larger than the original. Finally, QRExfiltrate is limited by the capabilities of the QR code reader. If the reader is not able to detect the QR codes from the GIF, the data will not be able to be reassembled.
QRExfiltrate is a powerful tool that can be used to bypass DLP systems and exfiltrate data in air gapped networks. However, it should be used with caution and only in situations where the risk of detection is low. The decoder script has been intentionally omitted to ensure the security of the data.
In conclusion, QRExfiltrate is a useful tool for exfiltrating data in air gapped networks, but it should be used with caution and only in low-risk situations. It is limited by the size of the source data, the storage overhead of the conversion to QR code, and the capabilities of the QR code reader.
👉🏽 This tool is a command line utility that allows you to convert any binary file into a QRcode GIF. The data can then be reassembled visually allowing exfiltration of data in air gapped systems. 👉🏽 QRExfiltrate is a command line utility 👉🏽 It converts binary files into QRcode GIFs 👉🏽 It allows for data to be exfiltrated undetected from DLP systems 👉🏽 To use QRExfiltrate, navigate to its directory and run the command 👉🏽 QRExfiltrate requires qrencode and ffmpeg 👉🏽 qrencoding per frame is capped at 64 bytes 👉🏽 The resulting GIF file is 50x larger than the original 👉🏽 It can bypass air-gapped networks 👉🏽 Use with caution and only in low-risk situations 👉🏽 The decoder script has been omitted to ensure data security.
🔗 source link: https://github.com/Shell-Company/QRExfil
🔗 summarized content: https://hut.threathunterz.com/battlefield-intel/tradecraft-tools/shell-companyqrexfil
#QRExfiltrate #DataExfiltration #DLPBypass #QRCodeGIF #AirGappedNetworks