How to migrate Meterpreter Backdoor to any Windows Process


It is very important to migrate your backdoor to any other background process of windows otherwise the victim can find it by going through task manager.

Migrating the backdoor also benefits the attacker in the way that when the victim executes the backdoor file, session gets started but when that file is closed, the session also get closed, so attacker have to be very quick to do this as soon as the session opens.

To get system level or admin privilege we have to execute it as admin which is monitored my windows UAC.


It assumes that you already have MetaSploit installed, or that you are running Kali / backtrack Linux. if not Installed,you can download from here https://www.metasploit.com/



Lets Start To migrate Meterpreter Backdoor to any Windows Process

Step 1 : Firtly get a meterpreter of victim PC and a get a admim privilege of vitim pc using bypassuac

How To Bypass UAC And Get Admin Privilege in Windows Using MetaSploit.


Step 2 : We now have a full Meterpreter shell to the target.Now the session has opened type sysinfo to get system information


How To migrate Meterpreter Backdoor to any Windows Process


Step 3 : Just Type help to see more action.


How To migrate Meterpreter Backdoor to any Windows Process


Step 4 : Type ps Command

The "ps" command displays a list of running processes on the target.

meterpreter > ps

How To migrate Meterpreter Backdoor to any Windows Process


Step 5 :

we exploit the remote system and migrate to the "Explorer.exe" process in case the user notices the exploited service is not responding and decides to kill it.


How To migrate Meterpreter Backdoor to any Windows Process


meterpreter > migrate 1516

How To migrate Meterpreter Backdoor to any Windows Process


Step 6 : Now its time to check if the backdoor will open for us a new session every time that the system will boot. So we will reboot the system.

Windows is shutting down


How To migrate Meterpreter Backdoor to any Windows Process


See all sessions automatically closed.


How To migrate Meterpreter Backdoor to any Windows Process


Step 7 : Even after the system reboots, the Meterpreter on the victim system attempts to connect to us every 5 seconds until it has successfully open a session for us.


How To migrate Meterpreter Backdoor to any Windows Process


Step 8 : Now we have successfully opened a persistent connection on the victim system that we can come back to time and time again.


How To migrate Meterpreter Backdoor to any Windows Process


I hope you enjoyed this article.



Sharing is caring

google
linkedin

About Author

Akash is a co-founder and an aspiring entrepreneur who keeps a close eye on open source, tech giants, and security. Get in touch with him by sending an email (akashchugh1994@gmail.com).


You may also like :-




Leave a Comment

Your email address will not be published. Required fields are marked *




Stay Connected

Popular Posts

Get Latest Stuff Through Email


Who Should Read TechTrick?

All the tricks and tips that TechTrick provides only for educational purpose. If you choose to use the information in TechTrick to break into computer systems maliciously and without authorization, you are on your own. Neither I (TechTrick Admin) nor anyone else associated with TechTrick shall be liable. We are not responsibe for any issues that caused due to informations provided here. So, Try yourself and see the results. You are not losing anything by trying... We are humans, Mistakes are quite natural. Here on TechTrick also have many mistakes..