Updates The Backdoor Factory (BDF) v-2.3.6 : Patch PE, ELF, Mach-O binaries with shellcode.

NOTICE: For security professionals and researchers only.
Changelog : 12/27/2014
+ Added payloadtests.py
+ This script outputs patched files in backdoored so that the user can test the payloads as they wish. Each payload type increments the port used by one.

The goal of BDF is to patch executable binaries with user-desired shellcode and continue normal execution of the prepatched state.

Features:
+ PE Files
+ ELF Files
+ Mach-O Files
+ Overall

Dependencies:
+ Capstone, using the ‘next’ repo until it is the ‘master’ repo: https://github.com/aquynh/capstone/tree/next
+ Pefile, most recent: https://code.google.com/p/pefile/

INSTALL:
./install.sh

This will install Capstone from the ‘next’ repo and use pip to install pefile.

UPDATE:
./update.sh

Documentation and Presentation:
+ http://www.slideshare.net/midnite_runr/patching-windows-executables-with-the-backdoor-factory
+ http://www.youtube.com/watch?v=LjUN9MACaTs

Sample Usage:
Patch an exe/dll using an existing code cave:

Patch an exe/dll by adding a code section:

Patch a directory of exes:

User supplied shellcode:

Hunt and backdoor: Injector | Windows Only

Download :

the-backdoor-factory-2.3.6.tar.gz (55.6 KB)
the-backdoor-factory-2.3.6.zip (74 KB) 

Contact the developer on:
IRC: irc.freenode.net #BDFactory
Twitter: @midnite_runr
Source: https://github.com/secretsquirrel/the-backdoor-factory