Updates The Backdoor Factory (BDF) v-3.0.0 : Patch PE, ELF, Mach-O binaries with shellcode.


NOTICE: For security professionals and researchers only.
Changelog : 04/14/2015
+ Change v-3.0 : Auto PE Patching, New IAT Payloads.

The goal of BDF is to patch executable binaries with user-desired shellcode and then continue normal execution of the prepatched state.


Features:
+ PE Files
+ ELF Files
+ Mach-O Files
+ Overall

Dependencies:
Capstone, using the ‘next’ repo until it is the ‘master’ repo: https://github.com/aquynh/capstone/tree/next
Pefile, most recent: https://code.google.com/p/pefile/

INSTALL:
./install.sh

This will install Capstone with the ‘next’ repo and use pip to install pefile.

UPDATE:
./update.sh

Documentation and Presentation:
http://www.slideshare.net/midnite_runr/patching-windows-executables-with-the-backdoor-factory
http://www.youtube.com/watch?v=LjUN9MACaTs

Sample Usage:
Patch an exe/dll using an existing code cave:

Patch an exe/dll by adding a code section:

Patch a directory of exes:

User supplied shellcode:

Hunt and backdoor: Injector | Windows Only

Download : the-backdoor-factory-3.0.0.zip (104 KB) | the-backdoor-factory-3.0.0.tar.gz (84 KB)

Contact the developer on:
IRC: irc.freenode.net #BDFactory
Twitter: @midnite_runr
Source : https://github.com/secretsquirrel/the-backdoor-factory
