top of page
Programming

How I created an undetectable Backdoor for Windows — Ethical Hacking


What is a Backdoor?

Backdoor is a method of secretly gaining remote access to a computer by bypassing the normal authentication and firewall of the machine.

In this blog, I will be writing on How I created a backdoor for my Windows machine that even the antivirus could not detect. After creating the backdoor, I was able to do a lot of stuff on the Windows machine remotely like controlling the webcam, taking screenshots, using keyloggers, etc. Let’s get started.


I created the executable (.exe file) on my Ubuntu machine. This .exe file, when run on a windows machine, created a backdoor to my Ubuntu machine from where I was able to control everything on the windows machine.

Let’s look at the steps that need to be followed.


1. Installing Veil

As a first step, we need to install Veil. To install Veil you can go through this link https://www.javatpoint.com/installing-veil. It will also require installing the metasploitable-framework for ubuntu users(not required for Kali) which can be downloaded from here: https://www.darkoperator.com/installing-metasploit-in-ubunt.

Once installed, you can start by just typing veil . (or you can execute it by typing ./Veil.py in the directory veil is installed). The veil shell will open as shown below:


2. Using Evasion in Veil

The veil framework has 2 tools (Evasion and Ordinance) which can be seen by typing list in the veil shell. We are interested in Evasion, so we type

> use 1


3. Generating the Backdoor executable

In backdoors a reverse connection is created, i.e. when the target person double clicks the script, their computer will start the initiation of the backdoor. So it becomes undetectable by many antivirus software because there is no external machine requesting to connect. I also used port 8080 which is a common port used to connect to websites, so nothing would seem suspicious to the antivirus softwares.

Type :

> list

I will use the 15th option (it uses go as the programming language for the meterpreter), so I type :

> use 15