Metasploit mailing list archives
Re: Regarding HDM's blog about persistent HTTPS connections
From: HD Moore <hdm () metasploit com>
Date: Wed, 14 Apr 2010 11:29:54 -0500
On 4/14/2010 11:08 AM, Terrence wrote:
Why are you encoding into a vbs rather then an exe? What are the benefits of a vbs for persistence?
VBS is easier to obfuscate and generally manipulate at runtime. Creating another EXE would result in another catch-22 around AV signatures, so using a VBS is generally easier. Long-term, a completely random EXE generator would be a better solution. -HD _______________________________________________ https://mail.metasploit.com/mailman/listinfo/framework
Current thread:
- Regarding HDM's blog about persistent HTTPS connections Matt Gardenghi (Apr 14)
- Re: Regarding HDM's blog about persistent HTTPS connections HD Moore (Apr 14)
- Re: Regarding HDM's blog about persistent HTTPS connections Matt Gardenghi (Apr 14)
- Re: Regarding HDM's blog about persistent HTTPS connections Terrence (Apr 14)
- Re: Regarding HDM's blog about persistent HTTPS connections HD Moore (Apr 14)
- Re: Regarding HDM's blog about persistent HTTPS connections Matt Gardenghi (Apr 14)
- Re: Regarding HDM's blog about persistent HTTPS connections HD Moore (Apr 14)