Re: Shikata_ga_nai evasion...

[NetEvil <netevil () hackers it>]

>
Hi John,

> I've been able to bypass AV's by writing my own loader, not my own  
> template file but actually a small program that injects shellcode  
> into memory. So I use msfpayload to output to C then copy the  
> shellcode into my own loader and compile and I'm AV free.
Thanks, nice tip! I'll try this way...

> The other thing you should watch out for is unless the online  
> scanner has a option to not submit the sample once you upload  
> something it is submitted to the AV vendors and then they will  
> create signatures for it so I don't upload anything I want to keep  
> undetected.
> So to review the only way to be 100% undetected is to write your own  
> stuff. Using something thats out there in the public will never be  
> 100% undetectable.
> The best skill I've ever learned is programming, you don't need to  
> be an expert but with a little knowledge you don't have to rely on  
> other people to make undetectable tools you can make your own.
You're right... And I feel a little embarassed cause I'm a programmer  
with about 20 years of experience -.-...anyway I totally agree your  
point of you...
I'll get my finger dirty with some fresh code ...;)

Thanks!
David

> John

_______________________________________________
https://mail.metasploit.com/mailman/listinfo/framework