First of all, why a command-line binder? Automation. Instead of sitting there binding individual, or even groups of files yourself, you can easily automate the binding process by using a batch file or shell script. Saves time and opens up your options. Here’s how this one works:

1. We’ll be using open-source software called NSIS, which creates Windows installers. You can find it here:

http://nsis.sourceforge.net

. For those of you who use Linux, this is already available in base repositories, so you can just type “apt-get install nsis” or “yum install -y nsis” depending on your package manager.

2. You can use absolute paths to refer to files, but in this example we’ll put notepad.exe and calc.exe in the same directory. Now put the following into a file called bind.nsi:

OutFile "binded.exe"
SilentInstall silent

Section "Install"
File /oname=$TEMP\notepad.exe "notepad.exe"
File /oname=$TEMP\calc.exe "calc.exe"

Exec '"$TEMP\notepad.exe"'
Exec '"$TEMP\calc.exe"'

Sectionend

3. In order to create binded.exe, you need to call “makensis bind.nsi”

4. The above example puts notepad and calc into a file called binded.exe. When you run binded.exe, notepad and calc get extracted to the windows temp directory and are silently run simultaneously. You can bind any number of files quickly, easily, and automatically using this technique.

credit : vdm

Explore More

SQLi vulnerabiltiy in irrawaddy store owned by Irrawaddy Publishing Group.

PlanetCreator.Net’s Security Team Member Info Freakzz <infofreakzzz(at)gmail.com> has reported another critical SQL Injection (vulnerability) on http://www.irrawaddystore.com owned by Irrawaddy Publishing Group. These are some information from Vulneral Site http://www.irrawaddystore.com :

Hackers launch phishing attack on Facebook users

We have been written many articles about phishing attack on Websites but Now, Hackers launched an attack on Facebook’s 200 million users on Thursday, successfully gathering passwords from some of

XSS Stealing Cookies

This method (XSS attacks) is for get the cookies users, so, for get information of users… and then, login into the account of the victim user…u will have to give