Scribd Logo
Upload

Welcome to Scribd!

  • Implementation Guide

    Uploaded by

    arnau morales cubedo
    8 views3 pages
    This document outlines steps to crypt an executable file and deliver it to a victim's machine disguised as a cracked software installer. It involves using NGROK for port forwarding, msfvenom to create a payload, converting the payload to a batch file, encrypting the batch file, automating the infection process with additional batch files, and using social engineering techniques like changing the shortcut icon to trick the victim into running the malicious file. The goal is to establish a meterpreter session on the victim's machine that can communicate back to the attacker.

    Original Description:

    Original Title

    Implementation_Guide

    Copyright

    © © All Rights Reserved

    Available Formats

    DOCX, PDF, TXT or read online from Scribd

    Did you find this document useful?

    Is this content inappropriate?

    Report this Document
    This document outlines steps to crypt an executable file and deliver it to a victim's machine disguised as a cracked software installer. It involves using NGROK for port forwarding, msfvenom to create a payload, converting the payload to a batch file, encrypting the batch file, automating the infection process with additional batch files, and using social engineering techniques like changing the shortcut icon to trick the victim into running the malicious file. The goal is to establish a meterpreter session on the victim's machine that can communicate back to the attacker.

    Copyright:

    © All Rights Reserved
    Download as DOCX, PDF, TXT or read online from Scribd
    Flag for inappropriate content
    8 views3 pages

    Implementation Guide

    Uploaded by

    arnau morales cubedo
    This document outlines steps to crypt an executable file and deliver it to a victim's machine disguised as a cracked software installer. It involves using NGROK for port forwarding, msfvenom to create a payload, converting the payload to a batch file, encrypting the batch file, automating the infection process with additional batch files, and using social engineering techniques like changing the shortcut icon to trick the victim into running the malicious file. The goal is to establish a meterpreter session on the victim's machine that can communicate back to the attacker.

    Copyright:

    © All Rights Reserved
    Download as DOCX, PDF, TXT or read online from Scribd
    Flag for inappropriate content
    of 3

    Crypter Implementation Document

    Step 1: Set up NGROK port forwarding to receive connection directly from the internet to your local
    machine.

    Step 2: Create a payload using msfvenom. (in this case: spotify.exe).

    Step 3: Convert .exe file to .bat file (converting spotify.exe to spotify.bat)

    Step 4: Edit bat file. (in this case spotify.bat)


    Step 5: Adding a statement “start spotify.exe” towards the end.

    Step 6: Encrypted “.bat file” and obtaining obfuscated “decryptMe” file.


    (In this case: spotify.bat -------> decryptMe)

    Step 7) Transfer decryptMe along with binaryread.c (the crypter) to victim’s machine.

    Step 8: Create wreckMe.bat file to automate the infecting process.

    Step 9: Create a shortcut for wreckMe.bat script. (In this case


    SpotifySetup2020_Cracked_Full_Version)
    Step 10: Change the icon of the shortcut file. This is part of social engineering. (All other files are
    kept hidden in the “data” directory.)

    Step 11: Change the properties of shortcut file. By changing the “Run” to Minimized, when the
    victim opens it, the execution will start in minimized mode, making it stealthier.

    Step 12) When victim runs the shortcut file, the attacker obtains a meterpreter session on his
    machine that is listening for connections. NGROK forwards the reverse tcp connection over the
    internet to the attacker’s machine.

    You might also like