Metasploit mailing list archives
Re: shellcodeexec to bypass AV ?
From: HD Moore <hdm () metasploit com>
Date: Fri, 15 Apr 2011 23:14:29 -0500
On 4/15/2011 8:15 PM, HD Moore wrote:
On 4/14/2011 3:15 PM, Houcem HACHICHA wrote:The author claims that the script makes Meterpreter bypass AV (better than Msfencode). If this is true, can this be implemented in MSF ?
I apologize for the previous grammar - what I get for writing a reply on the way out the door. Regarding AV evasion, its only something worth merging into the SVN tree if it involves a technique that the user controls. Anything static results in an immediate signature, courtesy of our AV friends. We would happily accept patches for AV evasion that involve the user specifying some unique EXE or file that results in a different signature per user. Adding the same technique for all users generally just delays the problem by 3 days :) -HD _______________________________________________ https://mail.metasploit.com/mailman/listinfo/framework
Current thread:
- shellcodeexec to bypass AV ? Houcem HACHICHA (Apr 14)
- Re: shellcodeexec to bypass AV ? John B (Apr 15)
- Re: shellcodeexec to bypass AV ? HD Moore (Apr 15)
- Re: shellcodeexec to bypass AV ? HD Moore (Apr 15)
- Re: shellcodeexec to bypass AV ? Willard Dawson (Apr 17)
- Re: shellcodeexec to bypass AV ? HD Moore (Apr 17)
- Re: shellcodeexec to bypass AV ? HD Moore (Apr 15)