Testing our Malware command execution
In this lesson, we are going to perform the first test of our malware. We haven’t added all of the functions yet, but we have added the main one (the shell). We are going to check whether it works; if it does, we can continue with the development of our malware.
We will need a compiler. To build Windows software from Linux, we need the “MinGW” toolchain; to install it, fire up a terminal and type the command for your distribution:
sudo pacman -Syyu mingw-w64 # For Arch-based distributions
sudo apt update && sudo apt install mingw-w64 # For Debian-based distributions
Once “mingw-w64” is installed on our computer, make sure the IP address and port in “Backdoor.c” and “Server.c” are the same. Before compiling, keep in mind that we are building two different programs for two different platforms: “Backdoor.c” is compiled with “mingw-w64” (so it runs on Windows) and “Server.c” is compiled with “gcc” (so it runs on Linux). Go to the directory containing the two files and execute the following commands in a terminal emulator:
gcc Server.c -o Server # Compiling the server for Linux
i686-w64-mingw32-gcc Backdoor.c -o malware.exe -lwsock32 -lwininet # Cross-compiling the backdoor for Windows
When both programs are compiled, transfer “malware.exe” to a sandboxed Windows environment (you don’t want to infect your own computer, and the malware isn’t ready to be distributed yet).
Run your server and then “malware.exe” so a connection can be established, then try executing commands such as dir (the Windows equivalent of “ls”), type (the Windows equivalent of “cat”) and so on.
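While the test above runs in the sandbox, it is worth watching the same activity from the defender's side: a binary launched from a user-writable directory that opens an outbound TCP connection and then spawns cmd.exe is exactly the pattern endpoint telemetry is tuned to flag. The following is an added example, not code from the original lesson or from “Backdoor.c”/“Server.c”: it correlates constructed, Sysmon-style process-creation and network-connection events (field names, paths, PIDs, the 192.0.2.10 address and the port are all constructed for this example) and reports shell launches whose parent recently made an outbound connection.

```python
"""Flag a reverse-shell pattern in endpoint telemetry.

Constructed sample events modelled on Sysmon Event ID 1 (process create)
and Event ID 3 (network connection); field names are an assumption of
this example, not a real log schema.
"""
from collections import defaultdict

# Constructed sample telemetry for the sandbox test described in the lesson.
EVENTS = [
    {"id": 1, "pid": 4120, "image": r"C:\Users\lab\Desktop\malware.exe",
     "parent": r"C:\Windows\explorer.exe", "parent_pid": 1, "t": 100},
    {"id": 3, "pid": 4120, "image": r"C:\Users\lab\Desktop\malware.exe",
     "dest_ip": "192.0.2.10", "dest_port": 4000, "t": 101},
    {"id": 1, "pid": 4188, "image": r"C:\Windows\System32\cmd.exe",
     "parent": r"C:\Users\lab\Desktop\malware.exe", "parent_pid": 4120, "t": 103},
    # Benign noise: a shell opened from explorer, a browser talking HTTPS.
    {"id": 1, "pid": 5000, "image": r"C:\Windows\System32\cmd.exe",
     "parent": r"C:\Windows\explorer.exe", "parent_pid": 1, "t": 110},
    {"id": 3, "pid": 6000, "image": r"C:\Program Files\Mozilla Firefox\firefox.exe",
     "dest_ip": "198.51.100.5", "dest_port": 443, "t": 111},
]

SHELLS = {"cmd.exe", "powershell.exe"}
# Directories an unprivileged user can write to (lower-cased prefixes).
USER_WRITABLE = ("c:\\users\\", "c:\\programdata\\", "c:\\windows\\temp\\")


def basename(path):
    """Return the file name component of a Windows path, lower-cased."""
    return path.rsplit("\\", 1)[-1].lower()


def from_user_writable(path):
    """True if the image lives under a user-writable directory."""
    return path.lower().startswith(USER_WRITABLE)


def find_reverse_shell_candidates(events, window=30):
    """Return shell launches whose parent (from a user-writable path)
    made an outbound connection within `window` time units beforehand."""
    conns = defaultdict(list)          # pid -> outbound connection events
    for e in events:
        if e["id"] == 3:
            conns[e["pid"]].append(e)

    findings = []
    for e in events:
        if e["id"] != 1 or basename(e["image"]) not in SHELLS:
            continue
        if not from_user_writable(e.get("parent", "")):
            continue
        for c in conns.get(e.get("parent_pid"), []):
            if 0 <= e["t"] - c["t"] <= window:
                findings.append({
                    "shell_pid": e["pid"],
                    "parent": e["parent"],
                    "parent_pid": e["parent_pid"],
                    "dest": f"{c['dest_ip']}:{c['dest_port']}",
                    "delay": e["t"] - c["t"],
                })
    return findings


if __name__ == "__main__":
    for f in find_reverse_shell_candidates(EVENTS):
        print("suspicious shell:", f)
```

The correlation is deliberately simple: it keys on the parent PID rather than the image name, so renaming “malware.exe” does not change the verdict, and the window keeps an unrelated connection made long before the shell launch from producing a finding. The benign explorer.exe-spawned cmd.exe and the browser's HTTPS connection in the sample are not reported.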