Synopsis
I'm a Metasploit dog. Yup, for the past 3 years of my life as a pen-tester junkie, there's not been a project that I tested without using the whole bunch of Metasploit Framework junkie. The juiciest thing about Metasploit is the Meterpreter: a fine payload that acts as a badass backdoor for any platform, be it Windows/Java/PHP/Linux. A fine backdoor.
However, antivirus has also become much more mature over the past years. With the improvement of certain technologies such as the antivirus emulator, generating a Meterpreter payload while evading antivirus detection may be quite hard.
Known technique to evade antivirus
1. Use Metasploit's msfencode to 'pack' the backdoor:
http://www.offensive-security.com/metasploit-unleashed/Antivirus_Bypass
2. Use custom loader:
In these slides I'm presenting a new alternative way to evade an antivirus emulator simply by passing an input or an argument. Our objective here is to create a backdoor that evades antivirus detection.
Special thanks to sk, pokleyzz and the rest of the crew.
Download the slides here: http://www.mediafire.com/?d95c35ax90k7u6g
5 comments:
I can't get the download link to work...
Don't mention it, finally it opened... thanks!
Nice one, dude.
without scanf can get FUD also dude..just put junk code --> http://pastebin.com/1iDmCMt4
Oh, there are still people reading this, eh?