Metasploit mailing list archives

Re: Shikata_ga_nai evasion...

From: ricky-lee birtles <mr.r.birtles () gmail com>
Date: Sun, 14 Mar 2010 17:44:24 +0000

Have you tried using a different .exe template. As the default one is
what most AV vendors are using to pick up the metasploit's outputted
exe's

Regards,
-- Mr R Birtles



On 14 March 2010 17:40, NetEvil <netevil () hackers it> wrote:

Hi guys
I'm doing a pentest using my meterpreter exe encoded with shikata ga nai..
and i see it signed as suspicious by symantec and microsoft...
Do you have a quick solution for these AVs evasion? I've tried some packers
but same results...
If not ...i know the hex editor is waiting for me...

Thanks...have a nice sunday!
David


Sent from my mobile device
--------------------------------------
_______________________________________________
https://mail.metasploit.com/mailman/listinfo/framework

_______________________________________________
https://mail.metasploit.com/mailman/listinfo/framework

Current thread:

Shikata_ga_nai evasion... NetEvil (Mar 14)
- Re: Shikata_ga_nai evasion... ricky-lee birtles (Mar 14)
  - Re: Shikata_ga_nai evasion... netevil (Mar 14)
    - Re: Shikata_ga_nai evasion... netevil (Mar 14)
    - Re: Shikata_ga_nai evasion... ricky-lee birtles (Mar 14)
    - Re: Shikata_ga_nai evasion... Terrence (Mar 14)
    - Re: Shikata_ga_nai evasion... netevil (Mar 14)
    - Message not available
    - Re: Shikata_ga_nai evasion... netevil (Mar 14)
    - Re: Shikata_ga_nai evasion... Terrence (Mar 14)
    - Message not available
    - Re: Shikata_ga_nai evasion... netevil (Mar 14)
    - Re: Shikata_ga_nai evasion... 5.K1dd (Mar 14)
    - Re: Shikata_ga_nai evasion... Menerick, John (Mar 16)

(Thread continues...)