You always wanted to make an undetected payload and make it look legit, Well this is what this tutorial is about, You're going to learn how to backdoor any (Unfortunately only 32-Bit) software, Let's get into it
First of all, Head to Shellter download page and download it, then extract the folder, Don't use apt-get shellter since it will download an older version
After downloading head to the folder where you extracted Shellter, then run the executable "i assume you got wine installed" You will get this screen
We will chose Auto mode for now, you can experiment by yourself later, After choosing Auto you will be asked to put the directory of the file we want to backdoor, In my case its
After that press enter
We now wait until we get the second prompt
After waiting for a while we get to choose the payload, you can import custom payloads too, we will use the popular windows/meterpreter/reverse tcp
Type L then choose the payload number, in my case it's 1, then set the LHOST using your ip and LPORT with the port number you're going to use
After doing so the tool will handle the rest, after a while the software will get backdoored:
Alright, moving to the next step.
After backdooring the software we will setup the listener, run msfconsole then use the multi/handler
and set the payload as "windows/meterpreter/reverse tcp" Then set the "LHOST" and "LPORT" (they should be the same as the ones we used in Shellter) and Finally make sure everything is right using "show options"
After everything is done and set-up correctly we run the listener using "run" or "exploit" command
Good, moving to step 4.
After setting up everything, we should send the file to the victim and wait for him to open it
Now here comes the tricky part, as soon as he opens the file we should have a Meterpreter session
As soon as he closes the file we lose the session, so whenever the victim opens the file and the sessions pops up you should get the processes list using "ps" command and migrate the session to another process
Now migrate to one of the processes
Now even if he closes the file we're still in.
That's it, Have fun backdooring softwares