Abstract

The aim of this paper is to deploy a custom backdoor on to a target machine (Metasploit/Windows) from the source machine (Kali Linux) in a virtual environment (Hypervisor -Windows). For the Virtual system, a wired network is used. The overall goal of the project is to deploy malware such as a backdoor, on devices connected to the infected network, to showcase the threat posed by such malicious software. This work proposes a framework for the AI-based deployment of effective custom backdoors within a virtualized environment. The local virtualization platforms have leveraged to create scalable, isolated, and reproducible sandboxes for backdoor research. This is achieved by carrying out an ARP (Address Resolution Protocol) spoofing attack. It is followed by manipulation of DNS (Domain Name System) server response to redirect the victim to a malicious site or intercept HTTP (Hyper-Text Transfer Protocol) response to enable downloading of malicious files on the target system. Hence, the trojan downloaded can be of any form, like a key-logger or Backdoor. The Backdoor will help us get full system access to the target site and we will be able to download and upload files on or from the target machine, thus effectively creating a backdoor.