Metasploit mailing list archives
Anti-Virus Issues
From: stewart_fey at yahoo.com (Stewart Fey)
Date: Thu, 26 Jun 2008 14:06:05 -0700 (PDT)
Does anyone have a suggestion for evadating anti-virus on target machines.? Specifically McAfee's ability to deny executables from running in SYSTEM ROOT or SYSTEM32 or temp directories.? I am testing out SMB_Relay and all attempts to get a shell fail.? When the exploit runs, the victim system thows an application error for all payloads I have tested.? The exception was the add_user payload, which sucessfully added a user to the victims box. 2nd part of this, if I'm using SMB_Relay, I shouldn't need to upload any payload to get a shell since all I'm doing to connecting back to the victim or relaying credentials to a 3rd system. Any advise would be welcome... Stewart -------------- next part -------------- An HTML attachment was scrubbed... URL: <http://mail.metasploit.com/pipermail/framework/attachments/20080626/b35811ad/attachment.htm>
Current thread:
- Anti-Virus Issues Stewart Fey (Jun 26)
- Anti-Virus Issues H D Moore (Jun 26)
- Anti-Virus Issues cg (Jun 27)