Back-dooring PE Files on Windows

by Arvind Vishwakarma
Oct. 7, 2017, INFOSEC Institute

Portable Executable (PE) files are very commonly used today. Many people download these files from the internet or get them from a friend and run them on their systems without realizing the dangers involved in running these kinds of files. It is very easy to add malicious code to these files and have it executed on the victim’s machine without the victim’s knowledge.

Objective: In this article, we will look at how to backdoor a Windows executable file. We will use the popular PuTTY executable and backdoor it with a reverse shell. The objective is to ensure that the modified PuTTY executable gives a reverse shell back to the attacker’s machine and at the same time continues to function normally without any issues. We will not use any automated tools to backdoor this PuTTY executable; instead, we will do this manually to understand how the entire process works.