Ticker

6/recent/ticker-posts

New Telegram Vulnerability Evil-Dropper | CVE 2025-1450 Full Details and POC

Ratnesh Mishra March 08, 2025

Ever thought a simple video file could redirect you to a malicious site? What if clicking a Telegram video preview could expose your IP address, login credentials, or even install malware? Sounds dangerous, right? Well, that’s exactly what Telegram-EvilDropper does.

In this guide, we’ll break down how this proof-of-concept (POC) works and how you can set it up for ethical cybersecurity research.

 What is Telegram-EvilDropper?

Telegram-EvilDropper is an exploit that abuses Telegram’s MP4 preview feature to redirect users to a website of the attacker's choice. It works by modifying a video file’s metadata in such a way that, instead of playing the video, it sends the user to a malicious website.

Possible Attack Scenarios

  • Phishing Pages – Redirect the victim to a fake login page and steal their credentials.
  • Malware Drops – Auto-download and execute malware on the victim’s system.
  • IP & Device Tracking – Grab the victim’s IP, device details, and browser fingerprints.

Since Telegram is used by millions worldwide, this technique can have serious implications if misused. But as ethical hackers, we must understand the risks to defend against them.

How to Set Up Telegram-EvilDropper (For Ethical Research Only)

Disclaimer: This is for educational purposes only. Misusing this information for malicious activities is illegal. Use this knowledge to strengthen security, not to harm others.

Step 1: Clone the Repository

First, open your Linux or Windows terminal and enter:

git clone https://github.comkinghacker0/Telegram-EvilDropper.git 
cd Telgram-EvilDropper

This will download the project files to your system.

Step 2: Install Required Dependencies

Ensure you have Python 3 installed. Then, install the required libraries with:

pip install -r requirements.txt

This will install all necessary modules for generating the malicious MP4 file.

Step 3: Configure the Redirect

Now, open the tg.py script in any text editor and modify these lines:

CHAT_ID = "your_chat_id"

BOT_TOKEN = "your_bot_token"

REDIRECT_URL = "https://your-malicious-site.com"

  • Replace your_chat_id with the target Telegram chat ID. You can find it using this LINK
  • Replace your_bot_token with your Telegram bot’s API tokenYou can find it using this LINK
  • Replace your-malicious-site.com with the site you want users to be redirected to.

Step 4: Generate the Exploit File

Run the script to create a specially crafted MP4 file:

python tg.py

This will generate a malicious video that looks like a normal MP4 but actually redirects users when clicked inside Telegram.

Step 5: Deploy the Attack (For Testing Only)

To send the malicious video using your Telegram bot, run:

python bot_sender.py

Now, when the target clicks on the video preview inside Telegram, they’ll be instantly redirected to the malicious site you set earlier.

You can check a detailed video on our official YouTube channel Hackersking

If you find this information helpful make sure to join our social handles and never miss future updates.

Tags:
Ratnesh Mishra

Posted by: Ratnesh Mishra

Not all who probe are looking to break in—some are testing the boundaries.