Metasploit mailing list archives
Re: Encoding an Exe file with msfencode
From: HD Moore <hdm () metasploit com>
Date: Sun, 21 Mar 2010 06:51:08 -0500
On 3/21/2010 3:50 AM, Danux wrote:
Hey List: I have a working trojan in a windows box, the problem is that it is being caught by AVG so after many hours trying to bypass AVG by modifying my XOR Encoder I gave up, so I was trying to use msfencode to bypass AVG but since it is a exe file and not a raw one the program is undetected by AVG but useless since it is not working any more. I know that msfencode expects a raw file instead of an exe but wondering if there is a way to revert from exe to raw in order to encode only .text section without affecting the functionality.
Its not as simple as encoding the contents of the .text section, as most binaries have code references to other sections. This is something often asked for, but a "binder" or "packer" is what you are looking for, not a shellcode-specific utility like msfencode. -HD _______________________________________________ https://mail.metasploit.com/mailman/listinfo/framework
Current thread:
- Encoding an Exe file with msfencode Danux (Mar 21)
- Re: Encoding an Exe file with msfencode HD Moore (Mar 21)