Creating a hidden Wireless Access Point as a Backdoor on a Nearby Windows Machine

backdooring windows

This method is present since Windows 7 came out, but is very little used. The feature this relies upon is called a „Hosted Network“.

To find out if the current setup supports hosted networks, issue the following commands in a command prompt (no need for administrative rights):

 C:\netsh wlan show drivers

This gives you all the information about your adapter available on your system. Look for the section „Supported hosted networks“. If it says yes, we`re all good to go.
Enter this command:

C:\netsh wlan set hostednetwork mode=allow ssid=your_AP_name_here key=your_passphrase_here

All that`s left to do is to start the AP with the following command:

C:\netsh wlan start hostednetwork

All that’s left to do is get a wifi antenna (the stronger, the better) and connect to the newly created access point.

The new connection even won`t show up in the sidebar (assuming you are on a Windows 8-10 machine). The only way to know if there`s something going on behind the curtain is to take a deeper look and go to system settings, network and internet, network and sharing centre, adapter configuration. Of course as a Windows feature this will also not be picked up by AV.


Leave a Reply

Your email address will not be published. Required fields are marked *