Metasploit mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Shikata_ga_nai evasion...

From: netevil <netevil () hackers it>
Date: Sun, 14 Mar 2010 18:50:31 +0100
ricky-lee birtles wrote:

Have you tried using a different .exe template. As the default one is
what most AV vendors are using to pick up the metasploit's outputted
exe's


Yes Ricky!
I've tried with an original putty... and this template is a flash movie
i'm going to do a the third test with another template.. and see if
results changes...hoping at least for symantec..

thanks
David



Regards,
-- Mr R Birtles



On 14 March 2010 17:40, NetEvil <netevil () hackers it> wrote:

Hi guys
I'm doing a pentest using my meterpreter exe encoded with shikata ga nai..
and i see it signed as suspicious by symantec and microsoft...
Do you have a quick solution for these AVs evasion? I've tried some packers
but same results...
If not ...i know the hex editor is waiting for me...

Thanks...have a nice sunday!
David


Sent from my mobile device
--------------------------------------
_______________________________________________
https://mail.metasploit.com/mailman/listinfo/framework


_______________________________________________
https://mail.metasploit.com/mailman/listinfo/framework




_______________________________________________
https://mail.metasploit.com/mailman/listinfo/framework
Previous By Date Next
Previous By Thread Next

Current thread: