Anti-Virus Issues

[stewart_fey at yahoo.com (Stewart Fey)]

Does anyone have a suggestion for evadating anti-virus on target machines.? Specifically McAfee's ability to deny 
executables from running in SYSTEM ROOT or SYSTEM32 or temp directories.? I am testing out SMB_Relay and all attempts 
to get a shell fail.? When the exploit runs, the victim system thows an application error for all payloads I have 
tested.? The exception was the add_user payload, which sucessfully added a user to the victims box.
2nd part of this, if I'm using SMB_Relay, I shouldn't need to upload any payload to get a shell since all I'm doing to 
connecting back to the victim or relaying credentials to a 3rd system.
Any advise would be welcome...
Stewart


      
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.metasploit.com/pipermail/framework/attachments/20080626/b35811ad/attachment.htm>