漏洞 工具 极客 Web安全 系统安全 网络安全 无线安全 设备/客户端安全 数据安全 安全管理 企业安全 工控安全


头条 人物志 活动 视频 观点 招聘 报告 资讯 区块链安全 标准与合规 容器安全 公开课





后门制造工厂——The Backdoor Factory
2013-08-23 10:10:42

The Backdoor Factory是一款安全测试工具,可以轻松的生成win32PE后门测试程序值得注意的是,本工具仅用于安全实验和信息安全实验教学使用,禁止任何非法用途!


-修改PE/COFF头以为所有的WIN32 DLL增加附加选项


Usage: ./ -h
Usage: [options]
Options: -h, --help show this help message and exit
-f FILE, --file=FILE File to backdoor
-i HOST, --hostip=HOST IP of the C2 for reverse connections
-p PORT, --port=PORT The port to either connect back to for reverse shells or to listen on for bind shells
-o OUTPUT, --output-file=OUTPUT The backdoor output file
-s SHELL, --shell=SHELL Payloads that are available for use.
-n NSECTION, --section=NSECTION New section name must be less than seven characters
-c, --cave The cave flag will find code caves that can be used for stashing shellcode. This will print to all the code caves of a specific size. The -l flag can be use with this setting.
-d DIR, --directory=DIR This is the location of the files that you want to backdoor. You can make a directory of file backdooring faster by forcing the attaching of a codecave to the exe by using the -a setting.
-v, --verbose For debug information output.
-e ENCODER, --encoder=ENCODER Encoders that can help with AV evasion.
-l SHELL_LEN, --shell_length=SHELL_LEN For use with -c to help find code caves of different sizes
-a, --add_new_section Mandating that a new section be added to the exe (better success) but less av avoidance
-w, --change_access This flag changes the section that houses the codecave to RWE. Sometimes this is necessary. Enabled by default. If disabled, the backdoor may fail.
-j, --injector This command turns the backdoor factory in a hunt and shellcode inject type of mechinism. Edit the target settings in the injector module.
-u SUFFIX, --suffix=SUFFIX For use with injector, places a suffix on the original file for easy recovery
-D, --delete_original For use with injector module. This command deletes the original file. Not for use in production systems. Author not responsible for stupid uses.


本文作者:, 转载请注明来自FreeBuf.COM

+ 收入我的专辑
评论 按时间排序


  • 0 文章数
  • 0 评论数
  • 0 关注者
登录 / 注册后在FreeBuf发布内容哦