Uploading Netcat on Hacked Machine as a Backdoor | Kali Linux / Backtrack | Post Exploitation

Netcat, the swiss army knife, can be used as a backdoor but I would advise against it because it has no authentication. Anyone who finds netcat server on the victim’s computer can control that machine.

First, upload Netcat on the remote machine (it is present in /usr/share/windows-binaries path in Kali Linux or Backtrack).

Next, enumerate the registry keys in the ‘run’ category (that run after each reboot).

Now use reg setval to set the value under run in the registry of victim’s machine.

Then use reg queryval to see that it’s successfully added.

Use the netsh firewall add portopening command in Windows shell to allow port opening at 455 (where netcat will listen).

Execute nc.exe using:

meterpreter> execute -f nc.exe

Now you will see nc.exe as a process on victim’s machine.