Metasploit mailing list archives
Video Bypassing AntiVirus with Metasploit
From: arcsighter at gmail.com (ArcSighter Elite)
Date: Fri, 16 Jan 2009 09:10:26 -0500
Thierry Zoller wrote:
> Dear ArcSighter Elite,
>
> Pardon me, but that was the first trick against KAV and is silly;
>
> I was giving an example I found amusing, nothing more nothing less, there are a bazillion ways to escape - and decrypting from a resource is pretty much one of the most common ones and by far not special. Let's take the dick contests offlist, if you want to discuss further, or implement it in metasploit ?

Of course we could discuss offlist if you like. But, as I said, I left RATs quite a long time ago. Metasploit is more than an exploit framework, sure, but IMHO I don't see the utility of such a backdoor implementation in Metasploit. I've been using it since 2004 and haven't faced the scenario where that would be necessary yet. I just said that, given the nature of the technique and the way AV software is implemented, it may be almost *sure* to bypass all of them, by combining reflective PE loading with runtime encryption/decryption.

Anyway, if you know some Spanish there's a malware-devoted community at http://www.indetectables.net that IMHO is the best on the topic, regardless of language and after the death of active-spy.org. Visiting the forum will provide you a lot more info than I can. BTW, sorry if I misunderstood your post.

Sincerely.