Sunday, February 12, 2012

Automatic Backdoor Generator for Windows System

Astr0baby developed an automatic tool to generate a backdoor for Windows systems.

Later, www.coresec.org modified his work to make it work on Back|Track 5. So, I made the modified source code available here.

Then, I slightly modified coresec.org's work and made a video here for reference.



The anti-virus evasion of the generated file is not very good, as some users posted the generated file to free web-based anti-virus scanners and/or local anti-virus programs to confirm whether it can be detected. The problem is that the free web scanners submit the code to their companies for further analysis, so the detection rate goes up; they act as a kind of honeypot. Therefore, if you want to test the generated file locally, please make sure the box cannot reach the internet, as the result will be submitted to the anti-virus company after the scan.

I found the automatic generation of backdoors quite interesting. I completely rewrote the code, and it can be embedded into an executable file. The code can do some simple input data validation too. The current version is 0.2 at the time of this writing. I made a video for the demo. However, the code will not be available at the moment, as I am still considering whether to release the source code or not.



Backdoors can also be embedded in PDFs and image files in a similar way. Therefore, do not download any programs, PDFs or image files from untrusted sources. Be especially wary of cracked software and free licensed ebooks. This does not only affect Windows systems; Linux and Mac OS can be infected too.

That's all! See you.