How To: Inject Payload into Softwares via HTTP

Inject Payload into Softwares via HTTP

Hi, this is a quick demo about how to backdoor executables (software) sent over HTTP using MITMF, backdoor factory
This attack works on LAN
-Kali Linux or any Linux OS
-Wireless USB Adapter e.g. (TL-WN722N)
-MITMf (man-in-the-middle framework)
-MSFconsole or Armitage
LAN network, same as the target/victim
Machine A-victim
Machine B-attacker

A situation where machine A wants to download a software for example winrar, the victim goes through google and lands on the page ( the attacker is already waiting to inject payload into binaries served over (HTTP)

This attack is possible because a lot of tool websites still serve binaries via non-SSL/TLS means.

Just updated your iPhone? You'll find new features for Podcasts, News, Books, and TV, as well as important security improvements and fresh wallpapers. Find out what's new and changed on your iPhone with the iOS 17.5 update.


Darn it, I was going to make a tutorial on this. It's in my drafts. ;)

Thanks for sharing. It's truly a wonderful attack.
But next time, could you not just copy and paste the description of the video? Thanks.

I'd like to read that, I'm not really into video tutorials (I've been trying to follow a course on Cybrary and it's being a nightmare)

Yeah, almost done. Just got to fix the kinks. ;)

Why does this have downvotes? the video is pretty nice and just explains about anything you need to do to perform the attack...

Because he just pasted the description of the video in the post.

Didn't know it is a crime to copy n paste from the video I created myself. My apology

There's rules on this. "This includes copying your YouTube video descriptions."

Nice tutorial, thanks Geek.

Share Your Thoughts

  • Hot
  • Latest