Trojan Horse Demonstration with Metasploit Framework Payload

Fajar Purnama
13 min readNov 29, 2020

Figure 0. Trojan Horse MSFpayload Illustration


This is my undergraduate assignment that I translated to English myself (original Indonesian below / bahasa Indonesia dibawah) in the Data Security System course where the task is to write an essay on Trojan Horse in groups but I was also interested in putting it into practice. Therefore, I tried to practice Trojan horse with the metasploit framework. The difference between a trojan horse and a regular backdoor is that a trojan horse is disguised as a legitimate program. Apart from me this group consisted of Dwi Angga Pratama, Yulianti Murprayana, Linda Krisna Dewi, and Agus Riki Gunawan. This task has never been published anywhere and we as the authors and copyright holders license this task customized CC-BY-SA where anyone can share, copy, republish, and sell it on condition that to state our name as the author and notify that the original and open version available here.

Chapter 1 Introduction

1.1 Background

Trojan horse is a common malware that we know about. In short it is a backdoor where this malware is attached to a file then it will work if the file is executed. Many people use antivirus such as AVG, Avast, Avira, Kaspersky, or others and it is often the case that the antivirus detects trojans. However, few people know what a trojan is and how it works. In this experiment, we will describe how a Trojan horse works using msfpayload from metasploit.

1.2 Problem

How does a Trojan horse work?

1.3 Objective

Describe how a Trojan horse works using metasploit.

1.4 Benefit

Get an idea of how a Trojan horse works by seeing the process of breaking into the system firsthand.

1.5 Scope and Limitation

  1. The file used to experiment is a .exe extension.
  2. The backdoor is created with msfpayload and executed with metasploit.
  3. The victim is Windows 7.
  4. Only connected via LAN (Local Area Network).
  5. The victim does not…
Fajar Purnama

this blog contains all my articles licensed under creative commons attribution customized sharealike (cc-by-sa) where you can sell but mention the open one here