
Making Backdoors With Msfvenom


sQuo


Description:

Today I am going to show you how to backdoor executables using msfvenom. This is a very handy tool in exploitation.

 

What is MSFVenom?

MSFVenom is a combination of MSFPayload and MSFEncode. It is an all-in-one framework that makes it easy for us to create backdoor executables. In this tutorial I will backdoor calc.exe on a Windows XP SP2 system. I will use a reverse connection back to my BackTrack machine. Our template is calc.exe, and we will encode using the x86/shikata_ga_nai encoder (I normally use this; you can use whatever you like) and encode this 10 times. So these will be the parameters for using msfvenom.


I will break it down and explain this for you. -p stands for our payload; here I have used a meterpreter reverse connection, which is awesome to use. LHOST is your local IP and LPORT is your local open port that is listening. -x is the template we are going to use, or simply our custom executable. -k we use this option to start our payload in a new thread; otherwise our win32 executable won't load into memory and instead only the payload will be executed. -e is the encoder to use; you can use whatever you like, and you can view all the encoders in the Metasploit framework by typing 'show encoders'. Encoders are important in evading AVs, but this is not as perfect as we think; the best way is to write our own custom encoders for better results. -i stands for iterations, or our count: how many times we would encode. -f is the format we are going to use, so in my case I will use exe as the format.

So that's it for the creation of our backdoor. Now we will launch Metasploit and use exploit/multi/handler. This is a stub that handles exploits launched outside our framework. As our backdoor connects back using the specified settings, we have to give the same payload, the same local host and the same port which we used at the creation of our backdoor. So that's it: run exploit and msf will start listening.

Okay, now let's dump our created backdoor, which works fine as a calculator, just like a clone of the calculator. Once the victim runs our infected calc.exe we should get a nice meterpreter reverse connection. So that's it, the box is pwned.

We can create the same backdoor by piping msfpayload into msfencode, which results in a very long parameter list and commands that are difficult to memorize.


So by using MSFVenom we can easily generate a payload along with encoding in a simple manner. I hope you learnt something useful.

Thank you.
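A defender-side check that follows from the post above, added here as an example (it is not the author's code and not part of the original post): a minimal PE section-table parser that flags sections which are both writable and executable, or whose bytes have high entropy, as a payload run through an encoder several times does. The sample image, the `.inj` section name and the 7.0-bit threshold are constructed for the demonstration; run it against a real file by passing its bytes to `suspicious_sections`.

```python
import math
import random
import struct
from collections import Counter

IMAGE_SCN_MEM_EXECUTE = 0x20000000
IMAGE_SCN_MEM_WRITE = 0x80000000
RWX_MASK = IMAGE_SCN_MEM_EXECUTE | IMAGE_SCN_MEM_WRITE

def shannon_entropy(data: bytes) -> float:
    """Bits per byte: 0.0 for constant data, 8.0 for uniformly distributed bytes."""
    if not data:
        return 0.0
    n = len(data)
    return -sum(c / n * math.log2(c / n) for c in Counter(data).values())

def pe_sections(pe: bytes):
    """Walk the PE section table and yield (name, entropy, is_rwx) for each section."""
    e_lfanew = struct.unpack_from("<I", pe, 0x3C)[0]
    if pe[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("not a PE image")
    num_sections = struct.unpack_from("<H", pe, e_lfanew + 6)[0]
    opt_size = struct.unpack_from("<H", pe, e_lfanew + 20)[0]
    table = e_lfanew + 24 + opt_size          # section headers follow the optional header
    for i in range(num_sections):
        fields = struct.unpack_from("<8sIIIIIIHHI", pe, table + 40 * i)
        name, raw_size, raw_ptr, flags = fields[0], fields[3], fields[4], fields[9]
        data = pe[raw_ptr:raw_ptr + raw_size]
        yield name.rstrip(b"\0").decode(), shannon_entropy(data), (flags & RWX_MASK) == RWX_MASK

def suspicious_sections(pe: bytes, threshold: float = 7.0):
    """Names of sections that are writable+executable or whose bytes look encoded."""
    return [name for name, ent, rwx in pe_sections(pe) if rwx or ent >= threshold]

def build_sample() -> bytes:
    """Constructed two-section image (not a real program, not msfvenom output): a
    low-entropy .text plus an RWX section of pseudo-random bytes standing in for a payload."""
    text = b"A" * 32 + b"B" * 32                                   # entropy exactly 1.0
    blob = bytes(random.Random(1).getrandbits(8) for _ in range(1024))
    hdr = b"MZ" + b"\0" * 58 + struct.pack("<I", 64) + b"PE\0\0"   # e_lfanew = 64
    hdr += struct.pack("<HHIIIHH", 0x14C, 2, 0, 0, 0, 0, 0x102)    # 2 sections, no optional header

    def section(name, size, ptr, flags):
        return struct.pack("<8sIIIIIIHHI", name, size, 0x1000, size, ptr, 0, 0, 0, 0, flags)

    hdr += section(b".text", len(text), 168, 0x60000020)           # CODE | EXECUTE | READ
    hdr += section(b".inj", len(blob), 168 + len(text), 0xE0000020)  # same, plus WRITE
    return hdr + text + blob                                        # headers are exactly 168 bytes

print("suspicious:", suspicious_sections(build_sample()))
```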
