The Backdoor Factory (BDF) v2.3.2 released: Patch PE, ELF, Mach-O binaries with shellcode.

NOTICE: For security professionals and researchers only.
Changelog 12/17/2014:
– OS X beaconing payloads for x86 and x64: beaconing_reverse_shell_tcp
  -B 15 --> set beacon time for 15 secs
– Bug fix to support OS X for BDFProxy

The goal of BDF is to patch executable binaries with user-desired shellcode and continue normal execution of the prepatched state.

Features:
+ PE Files
+ ELF Files
+ Mach-O Files
+ Overall

Dependencies:
Capstone, using the ‘next’ repo until it is the ‘master’ repo: https://github.com/aquynh/capstone/tree/next
Pefile, most recent: https://code.google.com/p/pefile/

INSTALL:
./install.sh

This will install Capstone with the ‘next’ repo and use pip to install pefile.

UPDATE:
./update.sh

Documentation and Presentation:
http://www.slideshare.net/midnite_runr/patching-windows-executables-with-the-backdoor-factory
http://www.youtube.com/watch?v=LjUN9MACaTs

Sample Usage:
Patch an exe/dll using an existing code cave:

Patch an exe/dll by adding a code section:

Patch a directory of exes:

User supplied shellcode:

Hunt and backdoor: Injector | Windows Only

Download:
the-backdoor-factory-2.3.2.tar.gz (55 KB)
the-backdoor-factory-2.3.2.zip (74 KB)

Contact the developer on:
IRC: irc.freenode.net #BDFactory
Twitter: @midnite_runr
Source: https://github.com/secretsquirrel/the-backdoor-factory