To test that our backdoor is working as expected, we're going to put it on our web server and download it from the target computer. We don't recommend this approach for anything other than testing your backdoor.

As Kali can be used as a website, we're going to put our backdoor online and download it from the target Windows machine. We're going to keep this download in one place, a folder called evil-files, as shown in the following screenshot:

Now, the backdoor we created using Veil-Evasion, which was stored in var/lib/veil-evasion/output/compiled/, needs to be copied and pasted into the evil-files directory. And that's it! We can download the file from Kali.

To start the web server and website, input the following command in the terminal:

service apache2 start

Here, the command is service, and apache2 is the name of the web server. Hitting Enter will execute the previous command.

We now need to navigate to our Kali machine's IP address, 10.0.2.15. This should open the basic index.html file that we created that tells us our web server is working, as shown as follows:

To go to the directory containing the backdoor, go to 10.0.2.15/evil-files and hit Enter. We can then download and run the backdoor, as shown in the following screenshot:

Now that we have run the backdoor on the Windows machine, our Kali machine will tell us that we have received a connection from the target computer, as shown in the following screenshot:

This means that we now have full control over that computer. In the preceding screenshot, we can see that we have a Meterpreter session, which allows us to do anything that the rightful user of that computer can do.

To check that the backdoor is working correctly, use the sysinfo command. You should see that you're inside the MSEDGEWIN10 machine, which runs Windows 10 (Build 17134), has a x64 architecture, uses the en_US language, and Meterpreter x86 for Windows:

We've now essentially hacked our target computer. Nice work!