Metasploit mailing list archives
Video Bypassing AntiVirus with Metasploit
From: arcsighter at gmail.com (ArcSighter Elite)
Date: Thu, 15 Jan 2009 16:08:36 -0500
Thierry Zoller wrote:
> Dear Ronald Jr.,
>
> RLRJ> Umm. You missed the feature part. Every time it generates an
> RLRJ> executable it will have new sigs ;)
>
> I doubt it, I very well understood it, I meant sigs for the stub, unless it's metamorph which I highly suspect and even then. You are accustomed to what is usually called "cryptor/packer" I assume? Anyways let's see

All antivirus had been successfully bypassed by what's called Binary Runtime Encryption/Executable Loading, there are many public tools available and these are eventually detected by AVs through reactive methods. Exception to these are KAV and BitDefender who implement different proactive methods that detect this memory stuff. But private tools aren't and they're relatively easy to code.

Also I was doing some research with a mixture of encryption and reflective PE loading.

Sincerely.