Full Disclosure mailing list archives

Previous By Date Next
Previous By Thread Next

Re: McAfee VirusScan vs Metasploit Framework v2.x

From: wac <waldoalvarez00 () gmail com>
Date: Fri, 9 Dec 2005 20:55:00 -0500
Hey guys I guess you are wasting so much time. Is very easy to just encrypt
some modules and enjoy mcafee or any other to stupidly tell you that the
computer is clean. Period, do not waste your time with McAfee or any other,
it just takes 1 second. Poor world beleiving in antivirus.

Regards
Waldo

On 12/9/05, Morning Wood <se_cur_ity () hotmail com> wrote:


// look, no top post !!!


Looks like some overzealous idiot at McAfee added "Trojan" signatures

for

202 files in the latest version of the Metasploit Framework. If you use
the Framework for your job and have a McAfee support contract, *please*
call them and let them know that their product is incorrectly tagging a
standard security tool as a "Trojan" and that this is interfering with
your ability to conduct business.


the external payloads ( such as vncdll.dll ), could be considered a
"possible malware threat"
but not the whole package. ( although i guess if kiddies can root your
server, upload msf, launch msfweb, that would give you a remote attack
platform... right ). Further, to include these sigs on a desktop product
is
just ignorant.

mw
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/


_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
Previous By Date Next
Previous By Thread Next

Current thread: