How To: Inject Payload into Softwares via HTTP

Inject Payload into Softwares via HTTP

Hi, this is a quick demo about how to backdoor executables (software) sent over HTTP using MITMF, backdoor factory
This attack works on LAN
-Kali Linux or any Linux OS
-Wireless USB Adapter e.g. (TL-WN722N)
-MITMf (man-in-the-middle framework)
-MSFconsole or Armitage
LAN network, same as the target/victim
Machine A-victim
Machine B-attacker

A situation where machine A wants to download a software for example winrar, the victim goes through google and lands on the page ( the attacker is already waiting to inject payload into binaries served over (HTTP)

This attack is possible because a lot of tool websites still serve binaries via non-SSL/TLS means.

Want to start making money as a white hat hacker? Jump-start your hacking career with our 2020 Premium Ethical Hacking Certification Training Bundle from the new Null Byte Shop and get over 60 hours of training from cybersecurity professionals.

Buy Now (90% off) >

Other worthwhile deals to check out:

Join the Next Reality AR Community

Get the latest in AR — delivered straight to your inbox.


Darn it, I was going to make a tutorial on this. It's in my drafts. ;)

Thanks for sharing. It's truly a wonderful attack.
But next time, could you not just copy and paste the description of the video? Thanks.

I'd like to read that, I'm not really into video tutorials (I've been trying to follow a course on Cybrary and it's being a nightmare)

Yeah, almost done. Just got to fix the kinks. ;)

Why does this have downvotes? the video is pretty nice and just explains about anything you need to do to perform the attack...

Because he just pasted the description of the video in the post.

Didn't know it is a crime to copy n paste from the video I created myself. My apology

There's rules on this. "This includes copying your YouTube video descriptions."

Nice tutorial, thanks Geek.

Share Your Thoughts

  • Hot
  • Latest