[New Tool] BackdoorFactory v2.2.1 Released
Patch win86/64 PE and linux86/64 binaries with shellcode. The goal of The Backdoor Factory is to patch executable binaries with user-desired shellcode and continue normal execution of the binary in its pre-patched state. Released under a BSD 3 Clause License.
This is done by either appending a code cave or using existing code caves of the executable. This project includes several customized Metasploit shellcodes, plus a new shellcode, loadliba_reverse_tcp, designed to bypass all the protections of EMET 4.1. The user can also provide their own shellcode.
This update provides the loadliba_reverse_tcp shellcode, stability fixes, and speed improvements.
Changelog v2.2.1
7/31/2014
- Added support for ARM x32 LE ELF patching
7/22/2014
- Added FreeBSD x32 ELF patching support
- Changed to BSD 3 Clause License
Features
PE Files
- Can find all code caves in an EXE/DLL.
- By default, clears the pointer to the PE certificate table, thereby unsigning a binary.
- Can inject shellcode into code caves or into a new section.
- Can find if a PE binary needs to run with elevated privileges.
- When selecting code caves, you can use the following commands:
  - Jump (j), for code cave jumping
  - Single (s), for patching all your shellcode into one cave
  - Append (a), for creating a code cave
  - Ignore (i), nevermind, ignore this binary
- Can ignore DLLs.
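Because the tool clears the certificate table pointer by default, a binary that shipped signed and now has an empty certificate table entry is a useful integrity signal. The following is an added example, not code from BackdoorFactory; the function names and the header-only sample images are constructed for illustration.

```python
import struct

SECURITY_DIR = 4  # IMAGE_DIRECTORY_ENTRY_SECURITY: the certificate table entry

def certificate_table(pe: bytes):
    """Return the (file_offset, size) pair of the certificate table entry,
    or None when the optional header has no such entry."""
    if len(pe) < 0x40 or pe[:2] != b"MZ":
        raise ValueError("not an MZ executable")
    (e_lfanew,) = struct.unpack_from("<I", pe, 0x3C)
    if pe[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("missing PE signature")
    opt = e_lfanew + 24  # skip 4-byte signature and 20-byte COFF header
    (magic,) = struct.unpack_from("<H", pe, opt)
    if magic == 0x10B:      # PE32
        count_off = opt + 92
    elif magic == 0x20B:    # PE32+
        count_off = opt + 108
    else:
        raise ValueError("unknown optional header magic")
    (count,) = struct.unpack_from("<I", pe, count_off)
    if count <= SECURITY_DIR:
        return None
    # Unlike the other directories, this entry holds a file offset, not an RVA.
    return struct.unpack_from("<II", pe, count_off + 4 + 8 * SECURITY_DIR)

def signature_state(pe: bytes) -> str:
    entry = certificate_table(pe)
    if entry is None or entry == (0, 0):
        return "unsigned"
    offset, size = entry
    if offset == 0 or size == 0 or offset + size > len(pe):
        return "malformed"
    return "certificate-table-present"

def build_sample(magic: int, cert_off: int, cert_size: int) -> bytes:
    """Constructed test input: a header-only PE image, not a real program."""
    buf = bytearray(0x400)
    buf[:2] = b"MZ"
    struct.pack_into("<I", buf, 0x3C, 0x80)
    buf[0x80:0x84] = b"PE\0\0"
    opt = 0x80 + 24
    struct.pack_into("<H", buf, opt, magic)
    count_off = opt + (92 if magic == 0x10B else 108)
    struct.pack_into("<I", buf, count_off, 16)
    struct.pack_into("<II", buf, count_off + 4 + 8 * SECURITY_DIR, cert_off, cert_size)
    return bytes(buf)

if __name__ == "__main__":
    for name, img in [("baseline", build_sample(0x20B, 0x300, 0x100)),
                      ("cleared", build_sample(0x20B, 0, 0))]:
        print(name, signature_state(img))
```

A present certificate table only means the pointer is intact; it does not show that the signature verifies, so pair this check with the platform's Authenticode verification and a known-good hash of the vendor's binary.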
ELF Files
Extends the TEXT SEGMENT by 1000 bytes and injects shellcode into that section of code.
Overall
The user can:
- Provide custom shellcode.
- Patch a directory of executables/DLLs.
- Select x32 or x64 binaries to patch only.
- Include BDF in other Python projects; see pebin.py and elfbin.py.
Thanks to midnite_runr, for sharing this tool with us.